Catalyst 3550 Multilayer Switch Command Reference, 12.1(8)EA1
Cisco IOS Commands - s
Downloads: This chapterpdf (PDF - 1.52MB) | Feedback

2

Table Of Contents

sdm prefer

service password-recovery

service-policy

set

setup

show access-lists

show boot

show changes

show class-map

show cluster

show cluster candidates

show cluster members

show controllers cpu-interface

show controllers ethernet-controller

show controllers switch

show controllers tcam

show current

show dot1x

show env

show errdisable detect

show errdisable flap-values

show errdisable recovery

show etherchannel

show fm interface

show fm label

show fm vlan

show forward

show interfaces

show interfaces counters

show ip igmp profile

show ip igmp snooping

show l2tcam

show l3tcam

show mac-address-table

show mac-address-table address

show mac-address-table aging-time

show mac-address-table count

show mac-address-table dynamic

show mac-address-table interface

show mac-address-table multicast

show mac-address-table notification

show mac-address-table static

show mac-address-table vlan

show mls qos

show mls qos aggregate-policer

show mls qos interface

show mls qos maps

show monitor

show mvr

show mvr interface

show mvr members

show pagp

show policy-map

show port-security

show proposed

show sdm prefer

show spanning-tree

show storm-control

show system mtu

show tcam

show tcam qos

show udld

show version

show vlan

show vlan access-map

show vlan filter

show vmps

show vtp

shutdown

shutdown vlan

snmp-server enable traps

snmp-server host

snmp trap mac-notification

spanning-tree backbonefast

spanning-tree cost

spanning-tree etherchannel guard misconfig

spanning-tree extend system-id

spanning-tree guard

spanning-tree port-priority

spanning-tree portfast

spanning-tree portfast bpduguard

spanning-tree stack-port

spanning-tree uplinkfast

spanning-tree vlan

speed

standby mac-address

storm-control

switchcore

switchport

switchport access

switchport block

switchport broadcast

switchport mode

switchport multicast

switchport nonegotiate

switchport port-security

switchport protected

switchport trunk

switchport unicast

system mtu


2

sdm prefer

Use the sdm prefer global configuration command to configure the template used in Switch Database Management (SDM) resource allocation. A template allows you to allocate system memory to best support the features being used in your application. It allows you to approximate the maximum number of unicast MAC addresses, Internet Group Management Protocol (IGMP) groups, quality of service (QoS) access control entries (ACEs), security ACEs, unicast routes, multicast routes, subnet VLANs (routed interfaces), and Layer 2 VLANs that can be configured on the switch. Use the no form of the command to return to the default settings.

sdm prefer {access | routing | vlan}

no sdm prefer

Syntax Description

access

Provide maximum system utilization for multicast traffic, QoS classification ACEs, and security ACEs, typical for an access switch at the network edge.

routing

Provide maximum system utilization for unicast routing, minimizing QoS classification ACLs and security ACLs, typical for a router or aggregator in the middle of a network.

vlan

Provide maximum system utilization for VLANs, with routing disabled. This template maximizes system memory for use as a Layer 2 switch with no routing.


Defaults

The default template provides a balance to all features.

Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.

12.1(6)EA1

Template values revised. Templates for Fast Ethernet switches were added.

12.1(8)EA1

Template values for Gigabit Ethernet switches revised.


Usage Guidelines

The switch must reload for the configuration to take effect.

Using the sdm prefer vlan command disables routing capability in the switch. Any routing configurations will be rejected after the reload, and those options might be lost. When the switch reloads, the message "Running Layer2 Switching Only Image" appears, even though you are really running a Layer 3 image with the routing functionality disabled. Use the sdm prefer vlan command only on switches intended for Layer 2 switching with no routing.

Do not use the routing template if you do not have the enhanced multilayer software image installed on your switch. Entering the sdm prefer routing global configuration command on a switch that does not have the enhanced multilayer software image would not enable routing, but it would prevent other features from using the approximately 17 K of memory allocated to unicast and multicast routing in the routing template.

Table 2-10 lists the approximate number of each resource supported in each of the four templates for a Gigabit Ethernet switch. Table 2-11 lists the approximate number supported for a switch with mostly Fast Ethernet ports. The first six rows in the tables (unicast MAC addresses through multicast routes) represent approximate hardware boundaries set when a template is selected. If a section of a hardware resource is full, all processing overflow is sent to the CPU, seriously impacting switch performance.

The last two rows, the total number of routed ports and SVIs and the number of Layer 2 VLANs, are guidelines used to calculate hardware resource consumption related to the other resource parameters.

The number of subnet VLANs (routed ports and SVIs) are not limited by software and can be set to a number higher than indicated in the tables. If the number of subnet VLANs configured is lower or equal to the number in the tables, the number of entries in each category (Unicast addresses, IGMP groups, and so on) for each template will be as indicated. As the number of subnet VLANs is increased, CPU utilization will typically increase. If the number of subnet VLANs is increased beyond the number indicated in the tables, the number of supported entries in each category may decrease depending on features that are enabled. For example, if PIM-DVMRP is enabled with more than 16 subnet VLANs, the number of entries for multicast routes will be in the range of 1K-5K entries for the access template.

Table 2-10 Approximate Number of Feature Resources Allowed by Each Template for Gigabit Ethernet Switches

Resource
Default Template
Access Template
Routing Template
VLAN Template

Unicast MAC addresses

6 K

2 K

6 K

12 K

IGMP groups (managed by Layer 2 multicast features such as MVR or IGMP snooping)

6 K

8 K

6 K

6 K

QoS classification ACEs

2K

2 K

1 K

2 K

Security ACEs

2 K

4 K

1 K

2 K

Unicast routes

12 K

4 K

24 K

0

Multicast routes

6 K

8 K

6 K

0

Routed interfaces (routed ports and SVIs)

16

16

16

16

Layer 2 VLANs

1 K

1 K

1 K

1 K


Table 2-11 Approximate Number of Feature Resources Allowed by Each Template for Fast Ethernet Switches

Resource
Default Template
Access Template
Routing Template
VLAN Template

Unicast MAC addresses

5 K

1 K

5 K

8 K

IGMP groups (managed by Layer 2 multicast features such as MVR and IGMP snooping)

1 K

2 K

1 K

1 K

QoS ACEs

1 K

2 K

512

1 K

Security ACEs

1 K

2 K

512

1 K

Unicast routes

8 K

2 K

16 K

0

Multicast routes

1 K

2 K

1 K

0

Routed interfaces (routed ports and SVIs)

8

8

8

8

Layer 2 VLANs

1 K

1 K

1 K

1 K


Examples

This example shows how to configure the routing template on the switch:

Switch(config)# sdm prefer routing
Switch(config)# exit
Switch# reload

This example shows how to remove the routing template and use the default template:

Switch(config)# no sdm prefer routing
Switch(config)# exit
Switch# reload

You can verify your settings by entering the show sdm prefer privileged EXEC command.

Related Commands

Command
Description

show sdm prefer

Displays the current SDM template in use or displays the templates that can be used, with approximate resource allocation per feature.


service password-recovery

Use the service password-recovery global configuration command to enable the password-recovery mechanism (the default). This mechanism allows a user with physical access to the switch to hold down the Mode button and interrupt the boot process while the switch is powering up and to assign a new password. Use the no form of this command to disable part of the password-recovery functionality. When the password-recovery mechanism is disabled, interrupting the boot process is allowed only if the user agrees to set the system back to the default configuration.

service password-recovery

no service password-recovery

Syntax Description

This command has no arguments or keywords.

Defaults

The default action is for the password-recovery mechanism to be enabled.

Command Modes

Global configuration

Command History

Release
Modification

12.1(6)EA1a

This command was first introduced.


Usage Guidelines

This command is valid only on Catalyst 3550 Fast Ethernet switches; it is not available for Gigabit Ethernet switches.

As a system administrator, you can use the no service password-recovery command to disable some of the functionality of the password recovery feature by allowing an end user to reset a password only by agreeing to return to the default configuration.

The password-recovery mechanism has been triggered, but
is currently disabled.  Access to the boot loader prompt
through the password-recovery mechanism is disallowed at
this point.  However, if you agree to let the system be
reset back to the default system configuration, access
to the boot loader prompt can still be allowed.

Would you like to reset the system back to the default configuration (y/n)?

If the user chooses not to reset the system back to the default configuration, the normal boot process continues, as if the Mode button had not been pressed. If you choose to reset the system back to the default configuration, the configuration file in flash memory is deleted and the VLAN database file, flash:vlan.dat (if present) is deleted.


Note If you use the no service password-recovery command to control end user access to passwords, we recommend that you save a copy of the config file in a location away from the switch in case the end user uses the password recovery procedure and sets the system back to defaults. Do not keep a backup copy of the config file on the switch.

If the switch is operating in VTP transparent mode, we recommend that you also save a copy of the vlan.dat file in a location away from the switch.


You can verify if password recovery is enabled or disabled by entering the show version privileged EXEC command.

Examples

This is an example of the output from the show version privileged EXEC command when password-recovery is disabled.

Switch# show version
1w6d: %SYS-5-CONFIG_I: Configured from console by console
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I9Q3L2-M), Version 12.1(8)EA1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Wed 24-Oct-01 06:20 by antonino
Image text-base: 0x00003000, data-base: 0x004C1864

ROM: Bootstrap program is C3550 boot loader

flam-1-6 uptime is 1 week, 6 days, 3 hours, 59 minutes
System returned to ROM by power-on
System image file is "flash:c3550--i9q3l2-mz.121-8EA1.bin"

cisco WS-C3550-48 (PowerPC) processor with 65526K/8192K bytes of memory.
Last reset from warm-reset
Running Layer2 Switching Only Image

Ethernet-controller 1 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 2 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 3 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 4 has 12 Fast Ethernet/IEEE 802.3 interfaces

Ethernet-controller 5 has 1 Gigabit Ethernet/IEEE 802.3 interface

Ethernet-controller 6 has 1 Gigabit Ethernet/IEEE 802.3 interface

48 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

The password-recovery mechanism is disabled.
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: AA:00:0B:2B:02:00
Configuration register is 0x10F

Related Commands

Command
Description

show version

Displays version information for the hardware and firmware.


service-policy

Use the service-policy interface configuration command to apply a policy map defined by the policy-map command to the input or output of a particular interface. Use the no form of this command to remove the policy map and interface association.

service-policy {input policy-map-name | output policy-map-name}

no service-policy {input policy-map-name | output policy-map-name}

Syntax Description

input policy-map-name

Apply the specified policy-map to the input of an interface.

output policy-map-name

Apply the specified policy-map to the output of an interface.



Note Though visible in the command-line help strings, the history keyword is not supported, and you should ignore the statistics it gathers.


Defaults

No policy maps are attached to the interface.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Only one policy map per interface per direction is supported.

You cannot attach policy maps that contain set or trust policy-map class configuration commands or that have an access control list (ACL) classification to an egress interface by using the service-policy interface configuration command. The only match criterion supported is with the match ip dscp dscp-list class-map configuration command.

Examples

This example shows how to apply plcmap1 to an ingress interface:

Switch(config)# interface gigabitethernet0/1
Switch(config-if)# service-policy input plcmap1

This example shows how to apply plcmap2 to an egress interface:

Switch(config)# interface gigabitethernet0/2
Switch(config-if)# service-policy output plcmap2

This example shows how to detach plcmap2 from an interface2:

Switch(config)# interface gigabitethernet0/2
Switch(config-if)# no service-policy input plcmap2

You can verify your settings by entering the show running-config privileged EXEC command.

Related Commands

Command
Description

policy-map

Creates or modifies a policy map that can be attached to multiple interfaces to specify a service policy.

show policy-map

Displays quality of service (QoS) policy maps.


set

Use the set policy-map class configuration command to classify IP traffic by setting a Differentiated Services Code Point (DSCP) or IP-precedence value in the packet. Use the no form of this command to remove traffic classification.

set {ip dscp new-dscp | ip precedence new-precedence}

no set {ip dscp new-dscp | ip precedence new-precedence}

Syntax Description

ip dscp new-dscp

New DSCP value assigned to the classified traffic. The range is 0 to 63.

ip precedence new-precedence

New IP-precedence value assigned to the classified traffic. The range is 0 to 7.



Note Though visible in the command-line help strings, the mpls keyword is not supported.


Defaults

No traffic classification is defined.

Command Modes

Policy-map class configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

The set command is mutually exclusive with the trust policy-map class configuration command within the same policy map.

You cannot attach policy maps that contain set or trust policy-map class configuration commands or that have an access control list (ACL) classification to an egress interface by using the service-policy interface configuration command.

For the set ip dscp new-dscp or the set ip precedence new-precedence command, you can enter a mnemonic name for a commonly-used value. For example, you can enter the set ip dscp af11 command, which is the as same entering the set ip dscp 10 command. You can enter the set ip precedence critical command, which is the same as entering the set ip precedence 5 command. For a list of supported mnemonics, enter the set ip dscp ? or the set ip precedence ? command to see the command-line help strings.

To return to policy-map configuration mode, use the exit command. To return to privileged EXEC mode, use the end command.

Examples

This example shows how to assign DSCP 10 to all FTP traffic without any policers:

Switch(config)# policy-map policy_ftp
Switch(config-pmap)# class ftp_class
Switch(config-pmap-c)# set ip dscp 10
Switch(config-pmap)# exit

You can verify your settings by entering the show policy-map privileged EXEC command.

Related Commands

Command
Description

police

Defines a policer for classified traffic.

policy-map

Creates or modifies a policy map that can be attached to multiple interfaces to specify a service policy.

show policy-map

Displays quality of service (QoS) policy maps.

trust

Defines a trust state for traffic classified by the class policy-map configuration command or the class-map global configuration command.


setup

Use the setup privileged EXEC command to configure the switch with its initial configuration.

setup

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

When you use the setup command, make sure that you have this information:

IP address and network mask

Password strategy for your environment

Whether the switch will be used as the command switch in a cluster and the cluster name

When you enter the setup command, an interactive dialog, called the System Configuration Dialog, appears. It guides you through the configuration process and prompts you for information. The values shown in brackets next to each prompt are the default values last set by using either the setup command facility or the configure privileged EXEC command.

Help text is provided for each prompt. To access help text, press the question mark (?) key at a prompt.

To return to the privileged EXEC prompt without making changes and without running through the entire System Configuration Dialog, press Ctrl-C.

When you complete your changes, the setup program shows you the configuration command script that was created during the setup session. You can save the configuration in nonvolatile RAM (NVRAM), return to the setup program without saving, or return to the command-line prompt without saving the configuration.

Examples

This is an example of output from the setup command:

Switch# setup

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: yes

At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.

Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system.

Would you like to enter basic management setup? [yes/no]: yes
Configuring global parameters:

Enter host name [Switch]:host-name

  The enable secret is a password used to protect access to
  privileged EXEC and configuration modes. This password, after
  entered, becomes encrypted in the configuration.
  Enter enable secret: enable-secret-password

  The enable password is used when you do not specify an
  enable secret password, with some older software versions, and
  some boot images.
  Enter enable password: enable-password

  The virtual terminal password is used to protect
  access to the router over a network interface.
  Enter virtual terminal password: terminal-password

  Configure SNMP Network Management? [no]: yes
  Community string [public]: 

Current interface summary
Any interface listed with OK? value "NO" does not have a valid configuration

Interface                  IP-Address      OK? Method Status                Protocol
Vlan1                      172.20.135.202  YES NVRAM  up                    up

GigabitEthernet0/1         unassigned      YES unset  up                    up

GigabitEthernet0/2         unassigned      YES unset  up                    down

GigabitEthernet0/3         unassigned      YES unset  administratively down down

GigabitEthernet0/4         unassigned      YES unset  up                    down

GigabitEthernet0/5         unassigned      YES NVRAM  up                    down

GigabitEthernet0/6         unassigned      YES NVRAM  up                    down

GigabitEthernet0/7         unassigned      YES unset  up                    down

GigabitEthernet0/8         unassigned      YES unset  up                    down

GigabitEthernet0/9         unassigned      YES unset  administratively down down

GigabitEthernet0/10        10.1.2.3        YES NVRAM  up                    down

GigabitEthernet0/11        unassigned      YES unset  up                    down

GigabitEthernet0/12        unassigned      YES unset  up                    down

Port-channel1              unassigned      YES unset  up                    down

Enter interface name used to connect to the
management network from the above interface summary: vlan1

Configuring interface vlan1:
Configure IP on this interface? [yes]: yes 
IP address for this interface: ip_address
Subnet mask for this interface [255.0.0.0]: subnet_mask

Would you like to enable as a cluster command switch? [yes/no]: yes

Enter cluster name: cluster-name

The following configuration command script was created:

hostname host-name
enable secret 5 $1$LiBw$0Xc1wyT.PXPkuhFwqyhVi0
enable password enable-password
line vty 0 15
password terminal-password
snmp-server community public
!
no ip routing
!
interface GigabitEthernet0/1
no ip address
!
interface GigabitEthernet0/2
no ip address
! 
...
interface GigabitEthernet0/12
no ip address

cluster enable cluster-name
!
end
Use this configuration? [yes/no]: yes
!
[0] Go to the IOS command prompt without saving this config.

[1] Return back to the setup without saving this config.

[2] Save this configuration to nvram and exit.

Enter your selection [2]:

Related Commands

Command
Description

show running-config

Displays the running configuration on the switch. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.

show version

Displays version information for the hardware and firmware.


show access-lists

Use the show access-lists privileged EXEC command to display router access control lists (ACLs) configured on the switch.

show access-lists [name | number | hardware counters] [ | {begin | exclude | include} expression]

Syntax Description

name

(Optional) Name of the ACL.

number

(Optional) ACL number. The range is from 1 to 2699.

hardware counters

(Optional) Display global hardware ACL statistics for switched and routed packets.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

The Catalyst 3550 multilayer switch supports only IP standard and extended access lists. Therefore, the allowed numbers are only 1 to 199 and 1300 to 2699.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show access-lists command:

Switch# show access-lists
Standard IP access list 13
    permit any
Standard IP access list permit Any
    permit any
Extended IP access list 101
    permit icmp any any conversion-error
    permit 234 host 172.30.40.1 host 123.23.23.2
Extended IP access list 102
    permit esp any any
    permit eigrp any any tos min-monetary-cost
Extended IP access list 103
    permit icmp any any 40 60
Extended IP access list CMP-NAT-ACL
    Dynamic Cluster-NAT permit ip any any
Extended MAC access list abc2
    permit host 1100.bb00.00cc host 2234.0123.2345     

Related Commands

Command
Description

access-list

Configures a standard or extended numbered access list on the switch. For syntax information, select Cisco IOS IP and IP Routing Command Reference for IOS Release 12.1 > IP Addressing and Services > IP Services Commands.

ip access list

Configures a named IP access list on the switch. For syntax information, select Cisco IOS IP and IP Routing Command Reference for IOS Release 12.1 > IP Addressing and Services > IP Services Commands.

mac access-list extended

Configures a named or numbered MAC access list on the switch.


show boot

Use the show boot privileged EXEC command to display the settings of the boot environment variables.

show boot [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show boot command. Table 2-12 describes each field in the display.

Switch# show boot
BOOT path-list:      flash:c3550-i5q3l2-mz-121.4.EA1/c3550-i5q3l2-mz-121.4.EA1.bin
Config file:         flash:config.text
Enable Break:        no
Manual Boot:         yes
HELPER path-list:
NVRAM/Config file
      buffer size:   32768 

Table 2-12 show boot Field Descriptions

Field
Description

BOOT path-list

Displays a semicolon separated list of executable files to try to load and execute when automatically booting.

If the BOOT environment variable is not set, the system attempts to load and execute the first executable image it can find by using a recursive, depth-first search through the Flash file system. In a depth-first search of a directory, each encountered subdirectory is completely searched before continuing the search in the original directory.

If the BOOT variable is set but the specified images cannot be loaded, the system attempts to boot the first bootable file that it can find in the Flash file system.

Config file

Displays the filename that IOS uses to read and write a nonvolatile copy of the system configuration.

Enable Break

Displays whether a break during booting is enabled or disabled. If it is set to yes, on, or 1, you can interrupt the automatic boot process by pressing the Break key on the console after the Flash file system is initialized.

Manual Boot

Displays whether the switch automatically or manually boots. If it is set to no or 0, the boot loader attempts to automatically boot the system. If it is set to anything else, you must manually boot the switch from the boot loader mode.

Helper path-list

Displays a semicolon separated list of loadable files to dynamically load during the boot loader initialization. Helper files extend or patch the functionality of the boot loader.

NVRAM/Config file buffer size

Displays the buffer size that IOS uses to hold a copy of the configuration file in memory. The configuration file cannot be larger than the buffer size allocation.


Related Commands

Command
Description

boot buffersize

Specifies the size of the file system-simulated NVRAM in Flash memory.

boot config-file

Specifies the filename that IOS uses to read and write a nonvolatile copy of the system configuration.

boot enable-break

Enables interrupting the automatic boot process.

boot manual

Enables manually booting the switch during the next boot cycle.

boot system

Specifies the IOS image to load during the next boot cycle.


show changes

Use the show changes VLAN configuration command to display the differences between the VLAN database currently on the switch and the proposed VLAN database. You can also display the differences between the two for a selected VLAN.

show changes [vlan-id]

Syntax Description

vlan-id

(Optional) ID of the VLAN in the current or proposed database. If this variable is omitted, all the differences between the two VLAN databases are displayed, including the pruning state and Version 2 mode. Valid IDs are from 1 to 1005; do not enter leading zeros.


Command Modes

VLAN configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Examples

This is an example of output from the show changes command. It displays the differences between the current and proposed databases.

Switch(vlan)# show changes

DELETED:
  VLAN ISL Id: 4
    Name: VLAN0004
    Media Type: Ethernet
    VLAN 802.10 Id: 100004
    State: Operational
    MTU: 1500

DELETED:
  VLAN ISL Id: 6
    Name: VLAN0006
    Media Type: Ethernet
    VLAN 802.10 Id: 100006
    State: Operational
    MTU: 1500

MODIFIED:
  VLAN ISL Id: 7
    Current State: Operational
    Modified State: Suspended 

This is an example of output from the show changes 7 command. It displays the differences between VLAN 7 in the current database and the proposed database.

Switch(vlan)# show changes 7

MODIFIED:
  VLAN ISL Id: 7
    Current State: Operational
    Modified State: Suspended 

Related Commands

Command
Description

show current

Displays the current VLAN database on the switch or a selected VLAN from it.

show proposed

Displays the proposed VLAN database or a selected VLAN from it.


show class-map

Use the show class-map privileged EXEC command to display quality of service (QoS) class maps, which define the match criteria to classify traffic.

show class-map [class-map-name] [ | {begin | exclude | include} expression]

Syntax Description

class-map-name

(Optional) Display the contents of the specified class map.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show class-map command:

Switch# show class-map class1
 Class Map match-any class1 (id 4)
   Match ip dscp 11 21 

Related Commands

Command
Description

class-map

Creates a class map to be used for matching packets to the class whose name you specify.

match (class-map configuration)

Defines the match criteria (access control lists [ACLs], IP precedence, or IP Differentiated Services Code Point [DSCP] values) to classify traffic.


show cluster

Use the show cluster privileged EXEC command to display the cluster status and a summary of the cluster to which the switch belongs. This command can be entered on command and member switches.

show cluster [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If the switch is not a command switch or a member switch, the command displays an empty line at the prompt.

On a member switch, this command displays the identity of the command switch, the switch member number, and the state of its connectivity with the command switch.

On a command switch, this command displays the cluster name, and the total number of members. It also shows the cluster status and time since the status changed. If redundancy is enabled, it displays the primary and secondary command-switch information.

If you enter this command on a switch that is not a cluster member, the error message Not a management cluster member is displayed.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output when the show cluster command is executed on the active command switch:

Switch# show cluster
Command switch for cluster "Ajang"
        Total number of members:        7
        Status:                         1 members are unreachable
        Time since last status change:  0 days, 0 hours, 2 minutes
        Redundancy:                     Enabled
                Standby command switch: Member 1
                Standby Group:          Ajang_standby
                Standby Group Number:   110
        Heartbeat interval:             8
        Heartbeat hold-time:            80
        Extended discovery hop count:   3 

This is an example of output when the show cluster command is executed on a member switch:

Switch1# show cluster
Member switch for cluster "hapuna"
        Member number:                  3
        Management IP address:          192.192.192.192
        Command switch mac address:     0000.0c07.ac14
        Heartbeat interval:             8
        Heartbeat hold-time:            80 

This is an example of output when the show cluster command is executed on a member switch that is configured as the standby command switch:

Switch# show cluster
Member switch for cluster "hapuna"
        Member number:                  3 (Standby command switch)
        Management IP address:          192.192.192.192
        Command switch mac address:     0000.0c07.ac14
        Heartbeat interval:             8
        Heartbeat hold-time:            80 

This is an example of output when the show cluster command is executed on the command switch that is separated from member 1:

Switch# show cluster
Command switch for cluster "Ajang"
        Total number of members:        7
        Status:                         1 members are unreachable
        Time since last status change:  0 days, 0 hours, 5 minutes
        Redundancy:                     Disabled
        Heartbeat interval:             8
        Heartbeat hold-time:            80
        Extended discovery hop count:   3 

This is an example of output when the show cluster command is executed on a member switch that is separated from the command switch:

Switch# show cluster
Member switch for cluster "hapuna"
        Member number:                  <UNKNOWN>
        Management IP address:          192.192.192.192
        Command switch mac address:     0000.0c07.ac14
        Heartbeat interval:             8
        Heartbeat hold-time:            80 

Related Commands

Command
Description

cluster enable

Enables a command-capable switch as the cluster command switch, assigns a cluster name, and optionally assigns a member number to it.

show cluster candidates

Displays a list of candidate switches.

show cluster members

Displays information about the cluster members.


show cluster candidates

Use the show cluster candidates privileged EXEC command on the command switch to display a list of candidate switches.

show cluster candidates [detail | mac-address H.H.H.] [ | {begin | exclude | include} expression]

Syntax Description

detail

(Optional) Display detailed information for all candidates.

mac-address H.H.H.

(Optional) MAC address of the cluster candidate.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

You should enter this command only on a command switch.

If the switch is not a command switch, the command displays an empty line at the prompt.

The SN in the display means switch member number. If E is displayed in the SN column, it means that the switch is discovered through extended discovery. The hop count is the number of devices the candidate is from the command switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show cluster candidates command:

Switch# show cluster candidates
                                                             |---Upstream---|
MAC Address    Name         Device Type      PortIf  FEC Hops SN PortIf  FEC
00d0.7961.c4c0 StLouis-2    WS-C3550-12T     Gi0/1        2   1  Fa0/11 
00d0.bbf5.e900 ldf-dist-128 WS-C3524-XL      Fa0/7        1   0  Fa0/24      
00e0.1e7e.be80 1900_Switch  1900             3        0   1   0  Fa0/11      
00e0.1e9f.7a00 Surfers-24   WS-C2924-XL      Fa0/5        1   0  Fa0/3       
00e0.1e9f.8c00 Surfers-12-2 WS-C2912-XL      Fa0/4        1   0  Fa0/7       
00e0.1e9f.8c40 Surfers-12-1 WS-C2912-XL      Fa0/1        1   0  Fa0/9       

This is an example of output from the show cluster candidates command that uses the MAC address of a member switch directly connected to the command switch:

Switch# show cluster candidates mac-address 00d0.7961.c4c0
Device 'Tahiti-12' with mac address number 00d0.7961.c4c0
        Device type:            cisco WS-C3512-XL
        Upstream MAC address:   00d0.796d.2f00 (Cluster Member 0)
        Local port:             Fa0/3   FEC number: 
        Upstream port:          Fa0/13  FEC Number: 
        Hops from cluster edge: 1
        Hops from command device: 1

This is an example of output from the show cluster candidates command that uses the MAC address of a member switch three hops from the cluster edge:

Switch# show cluster candidates mac-address 0010.7bb6.1cc0
Device 'Ventura' with mac address number 0010.7bb6.1cc0
        Device type:            cisco WS-C2912MF-XL
        Upstream MAC address:   0010.7bb6.1cd4
        Local port:             Fa2/1   FEC number: 
        Upstream port:          Fa0/24  FEC Number: 
        Hops from cluster edge: 3
        Hops from command device: -

This is an example of output from the show cluster candidates detail command:

Switch# show cluster candidates detail
Device 'Tahiti-12' with mac address number 00d0.7961.c4c0
        Device type:            cisco WS-C3512-XL
        Upstream MAC address:   00d0.796d.2f00 (Cluster Member 1)
        Local port:             Fa0/3   FEC number: 
        Upstream port:          Fa0/13  FEC Number: 
        Hops from cluster edge: 1
        Hops from command device: 2
	Device '1900_Switch' with mac address number 00e0.1e7e.be80
        Device type:            cisco 1900
        Upstream MAC address:   00d0.796d.2f00 (Cluster Member 2)
        Local port:             3       FEC number: 0
        Upstream port:          Fa0/11  FEC Number: 
        Hops from cluster edge: 1
        Hops from command device: 2
Device 'Surfers-24' with mac address number 00e0.1e9f.7a00
        Device type:            cisco WS-C2924-XL
        Upstream MAC address:   00d0.796d.2f00 (Cluster Member 3)
        Local port:             Fa0/5   FEC number: 
        Upstream port:          Fa0/3   FEC Number: 
        Hops from cluster edge: 1
        Hops from command device: 2

Related Commands

Command
Description

show cluster

Displays the cluster status and a summary of the cluster to which the switch belongs.

show cluster members

Displays information about the cluster members.


show cluster members

Use the show cluster members privileged EXEC command on the command switch to display information about the cluster members.

show cluster members [n | detail] [ | {begin | exclude | include} expression]

Syntax Description

n

(Optional) Number that identifies a cluster member. The range is from 0 to 15.

detail

(Optional) Display detailed information for all cluster members.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

You should enter this command only on a command switch.

If the cluster has no members, this command displays an empty line at the prompt.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show cluster members command. The SN in the display means switch number.

Switch# show cluster members
                                                |---Upstream---|
SN MAC Address    Name         PortIf FEC Hops   SN PortIf  FEC  State
0  0002.4b29.2e00 StLouis1                 0                    Up   (Cmdr)
1  0030.946c.d740 tal-switch-1 Fa0/13      1     0  Gi0/1       Up
2  0002.b922.7180 nms-2820     10      0   2     1  Fa0/18      Up
3  0002.4b29.4400 SanJuan2     Gi0/1       2     1  Fa0/11      Up
4  0002.4b28.c480 GenieTest    Gi0/2       2     1  Fa0/9       Up


This is an example of output from the show cluster members for cluster member 3:

Switch# show cluster members 3
Device 'SanJuan2' with member number 3
        Device type:            cisco WS-C3550-12T
        MAC address:            0002.4b29.4400
        Upstream MAC address:   0030.946c.d740 (Cluster member 1)
        Local port:             Gi0/1   FEC number:
        Upstream port:          Fa0/11  FEC Number:
        Hops from command device: 2    

This is an example of output from the show cluster members detail command:

Switch# show cluster members detail
Device 'StLouis1' with member number 0 (Command Switch)
        Device type:            cisco WS-C3550-12T
        MAC address:            0002.4b29.2e00
        Upstream MAC address:
        Local port:                     FEC number:
        Upstream port:                  FEC Number:
        Hops from command device: 0                 
Device 'tal-switch-14' with member number 1
        Device type:            cisco WS-C3548-XL
        MAC address:            0030.946c.d740
        Upstream MAC address:   0002.4b29.2e00 (Cluster member 0)
        Local port:             Fa0/13  FEC number:
        Upstream port:          Gi0/1   FEC Number:
        Hops from command device: 1                   
Device 'nms-2820' with member number 2
        Device type:            cisco 2820
        MAC address:            0002.b922.7180
        Upstream MAC address:   0030.946c.d740 (Cluster member 1)
        Local port:             10      FEC number: 0
        Upstream port:          Fa0/18  FEC Number:
        Hops from command device: 2                        
Device 'SanJuan2' with member number 3
        Device type:            cisco WS-C3550-12T
        MAC address:            0002.4b29.4400
        Upstream MAC address:   0030.946c.d740 (Cluster member 1)
        Local port:             Gi0/1   FEC number:
        Upstream port:          Fa0/11  FEC Number:
        Hops from command device: 2
Device 'GenieTest' with member number 4
        Device type:            cisco SeaHorse
        MAC address:            0002.4b28.c480
        Upstream MAC address:   0030.946c.d740 (Cluster member 1)
        Local port:             Gi0/2   FEC number:
        Upstream port:          Fa0/9   FEC Number:
        Hops from command device: 2
Device 'Palpatine' with member number 5
        Device type:            cisco WS-C2924M-XL
        MAC address:            00b0.6404.f8c0
        Upstream MAC address:   0002.4b29.2e00 (Cluster member 0)
        Local port:             Gi2/1   FEC number:
        Upstream port:          Gi0/7   FEC Number:
        Hops from command device: 1                            

Related Commands

Command
Description

show cluster

Displays the cluster status and a summary of the cluster to which the switch belongs.

show cluster candidates

Displays a list of candidate switches.


show controllers cpu-interface

Use the show controllers cpu-interface privileged EXEC command to display the state of the CPU network interface application-specific integrated circuit (ASIC) and the send and receive statistics for packets reaching the CPU.

show controllers cpu-interface [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is a partial output example from the show controllers cpu- interface command:

Switch# show controllers cpu-interface
stp packets = 134138472
ram access packets = 29206188
routing protocol packets = 86328
forwarding packets = 0
routing packets = 10385
L2 protocol packets = 689675
igmp snooping protocol packets = 2686727
addr learning packets = 0
icmp redirect packets = 0
icmp unreachable packets = 0
logging packets = 0
addr learning packets = 2058
rpffail packets = 0
queue13 = 0
queue14 = 0
queue15 = 0
RAM Access:
   11343623 sends   29206188 read replies      89491 write replies
   11343493 completed        129 retries          0 expedite toggles
          0 nomem          0 errors
SCInstance = 0x9B11B0
SCInstance fields: fs_notify_failed = 0, no_fsd_space = 0
           invalid_frames = 0, unexpected_valid_frames = 0
           too_large_frames = 0
           Aged frames from notify queues and unexpected retrieves:
               aged_frames[0] = 0, unexpected_retrieves[0] = 0
               aged_frames[1] = 0, unexpected_retrieves[1] = 0
               aged_frames[2] = 0, unexpected_retrieves[2] = 0
               aged_frames[3] = 0, unexpected_retrieves[3] = 0

<output truncated>

               aged_frames[15] = 0, unexpected_retrieves[15] = 0
           sc_cpu_buffer = 0x80000000, sc_regs = 0x81000000
           sc_notify_ram = 0x81010000
CPU Interface registers:
    0x810004A4:storage_congestion_time = 0x10
    0x810004A8:channel_number = 0x3120F
   0x810004AC:cpu_buffer_control = 0x1
   0x810004B0:current_time = 0x0

<output truncated>
0 0x81000574:cpu_buffer_diagnostics[2] = 0x0
    0x81000000:retrieval_info[0]:
        start_ptr = 0x8007A240, end_ptr = 0x8007A33F, read_ptr = 0x8007A2B0, wri
te_ptr = 0x8007A2B0
        requested_bytes 0x5F4, flags 0x40000007
    0x81000020:retrieval_info[1]:

<output truncated>

Related Commands

Command
Description

show controllers ethernet-controller

Displays per-interface transmit and receive statistics read from the hardware or the interface internal registers.

show interfaces

Displays the administrative and operational status of all interfaces or a specified interface.


show controllers ethernet-controller

Use the show controllers ethernet-controller privileged EXEC command without keywords to display per-interface transmit and receive statistics read from the hardware. Use with keywords to display the interface internal registers.

show controllers ethernet-controller interface-id [asic | phy] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

The physical interface.

asic

(Optional) Display the state of the internal registers on the forwarding application-specific integrated circuit (ASIC) for the interface.

phy

(Optional) Display the status of the internal registers on the switch physical layer device (PHY) for the interface.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

This display without keywords provides traffic statistics, basically the RMON statistics for the interface.

When you enter the asic or phy keyword, the displayed information is useful primarily for Cisco technical support representatives troubleshooting the switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show controllers ethernet-controller command:

Switch# show controllers ethernet-controller gigabitethernet0/2

  Transmit GigabitEthernet0/2        Receive
3617834078 Bytes                 39726165 Bytes
    419261 Unicast frames          161535 Unicast frames
  82798461 Multicast frames        146421 Multicast frames
     12718 Broadcast frames             1 Broadcast frames
         0 Discarded frames             0 No dest, unicast
         0 Too old frames              43 No dest, multicast
         0 Deferred frames              0 No dest, broadcast
         0  1 collision frames
         0  2 collision frames          0 Alignment errors
         0  3 collision frames          0 FCS errors
         0  4 collision frames          0 Oversize frames
         0  5 collision frames          0 Undersize frames
         0  6 collision frames          0 Collision fragments
         0  7 collision frames
         0  8 collision frames     220108 Minimum size frames
         0  9 collision frames      60959 65 to 127 byte frames
         0 10 collision frames          0 128 to 255 byte frames
         0 11 collision frames      26931 256 to 511 byte frames
         0 12 collision frames          0 512 to 1023 byte frames
         0 13 collision frames          0 1024 to 1518 byte frames
         0 14 collision frames
         0 15 collision frames          0 Flooded frames
         0 Excessive collisions         0 Overrun frames
         0 Late collisions             16 VLAN filtered frames
         0 Good (1 coll) frames         0 Source routed frames
         0 Good(>1 coll) frames         0 Valid oversize frames
         0 Pause frames                 0 Pause frames
         0 VLAN discard frames          0 Symbol error frames
         0 Excess defer frames          0 Invalid frames, too large
         0 Too large frames             0 Valid frames, too large
  80469577 64 byte frames               0 Invalid frames, too small
   2605574 127 byte frames              3 Valid frames, too small
     58711 255 byte frames
     26956 511 byte frames
     70222 1023 byte frames
         0 1518 byte frames

Related Commands

Command
Description

show controllers cpu-interface

Displays the state of the CPU network ASIC and send and receive statistics for packets reaching the CPU.

show interfaces

Displays the administrative and operational status of all interfaces or a specified interface.


show controllers switch

Use the show controllers switch privileged EXEC command to display the settings of the resource-allocation priority or the wirespeed-store feature.

show controllers switch {resource-allocation priority | wirespeed-store} [ | {begin | exclude | include} expression]

Syntax Description

resource-allocation priority

Display the resource-allocation priority setting.

wirespeed-store

Display the wirespeed setting.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(6)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show controllers switch resource-allocation priority command.

Switch# show controllers resource-allocation priority

Switch Priority Resource Allocation is enabled.

Related Commands

Command
Description

switchcore resource-allocation priority

switchcore wirespeed-store

Reserves switch resources for high-priority traffic or gives buffer storage more priority than packet retrieval.


show controllers tcam

Use the show controllers tcam privileged EXEC command to display the state of the registers for all ternary content addressable memory (TCAM) in the system and for all TCAM interface application-specific integrated circuits (ASICs) that are CAM controllers.

show controllers tcam [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show controllers tcam command:

Switch# show controllers tcam
CAM Controller 1:
  Revision: 5A5A5A00, Control: 0000025F, Status: 00000000.
  CAM 1:
    Revision: 00 00000000 00B30101
    Size: 00 00000000 00080040
    Device ID: 00 00000000 00000000
    Config: 00 00000000 88000002
    ReplyID[0]: 00 00000000 00000000
    ReplyID[1]: 00 00000000 00000000
    ReplyID[2]: 00 00000000 00000000
    ReplyID[3]: 00 00000000 00000000
    Hit Result[0]: 00 00000000 00000000
    Hit Result[1]: 00 00000000 00000000
    Hit Result[2]: 00 00000000 00000000
    Hit Result[3]: 00 00000000 00000000
    Hit Result[4]: 00 00000000 00000000
    Hit Result[5]: 00 00000000 00000000
    Hit Result[6]: 00 00000000 00000000
    Hit Result[7]: 00 E00004E8 40001A63
    Global Mask[10]: FF FFFFFFFF FFFFFFFF
    Global Mask[11]: FF FFFFFFFF FFFFFFFF
    Global Mask[12]: FF FFFFFFFF FFFFFFFF
    Global Mask[13]: FF FFFFFFFF FFFFFFFF
    Global Mask[14]: FF FFFFFFFF FFFFFFFF
    Global Mask[15]: FF FFFFFFFF FFFFFFFF
    Global Mask[16]: FF FFFFFFFF FFFFFFFF
    Global Mask[20]: FF FFFFFFFF FFFFFFFF
    Global Mask[21]: FF FFFFFFFF FFFFFFFF
    Global Mask[22]: FF FFFFFFFF FFFFFFFF
    Global Mask[23]: FF FFFFFFFF FFFFFFFF
    Global Mask[24]: FF FFFFFFFF FFFFFFFF
    Global Mask[25]: FF FFFFFFFF FFFFFFFF
    Global Mask[26]: FF FFFFFFFF FFFFFFFF
    Global Mask[27]: FF FFFFFFFF FFFFFFFF
    Global Mask[30]: FF FFFFFFFF FFFFFFFF
    Global Mask[31]: FF FFFFFFFF FFFFFFFF
    Global Mask[32]: FF FFFFFFFF FFFFFFFF
    Global Mask[33]: FF FFFFFFFF FFFFFFFF
  CAM 2:
    Revision: 00 00000000 00B30101
    Size: 00 00000000 00080040
    Device ID: 00 00000000 00000001
    Config: 00 00000000 B8000022
    ReplyID[0]: 00 01010101 01010101
    ReplyID[1]: 00 01010101 01010101
   ReplyID[2]: 00 01010101 01010101
   ReplyID[3]: 00 01010101 01010101
   Hit Result[0]: 00 00000000 00000000
   Hit Result[1]: 00 00000000 00000000
   Hit Result[2]: 00 00000000 00000000
   Hit Result[3]: 00 00000000 00000000
   Hit Result[4]: 00 00000000 00000000
   Hit Result[5]: 00 00000000 00000000
   Hit Result[6]: 00 00000000 00000000
   Hit Result[7]: 00 60003880 C00011D3
   Global Mask[10]: FF FFFFFFFF FFFFFFFF
   Global Mask[11]: FF FFFFFFFF FFFFFFFF
   Global Mask[12]: FF FFFFFFFF FFFFFFFF
   Global Mask[13]: FF FFFFFFFF FFFFFFFF
   Global Mask[14]: FF FFFFFFFF FFFFFFFF
   Global Mask[15]: FF FFFFFFFF FFFFFFFF
   Global Mask[16]: FF FFFFFFFF FFFFFFFF
   Global Mask[20]: FF FFFFFFFF FFFFFFFF
   Global Mask[21]: FF FFFFFFFF FFFFFFFF
   Global Mask[22]: FF FFFFFFFF FFFFFFFF

<output truncated>

show current

Use the show current VLAN configuration command to display the current VLAN database on the switch or a selected VLAN from it.

show current [vlan-id]

Syntax Description

vlan-id

(Optional) ID of the VLAN in the current database. If this variable is omitted, the entire VLAN database displays, included the pruning state and Version 2 mode.
Valid IDs are from 1 to 1005; do not enter leading zeros.


Command Modes

VLAN configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Examples

This is an example of output from the show current command. It displays the current VLAN database.

Switch(vlan)# show current
VLAN ISL Id: 1
    Name: default
    Media Type: Ethernet
    VLAN 802.10 Id: 100001
    State: Operational
    MTU: 1500
    Translational Bridged VLAN: 1002
    Translational Bridged VLAN: 1003

  VLAN ISL Id: 20
    Name: VLAN0020
    Media Type: Ethernet
    VLAN 802.10 Id: 100020
    State: Operational
    MTU: 1500

<output truncated>
VLAN ISL Id: 1002
    Name: fddi-default
    Media Type: FDDI
    VLAN 802.10 Id: 101002
    State: Operational
    MTU: 1500
    Bridge Type: SRB
    Translational Bridged VLAN: 1
    Translational Bridged VLAN: 10
VLAN ISL Id: 1003
    Name: token-ring-default
    Media Type: Token Ring
    VLAN 802.10 Id: 101003
    State: Operational
    MTU: 1500
    Bridge Type: SRB
    Ring Number: 0
    Bridge Number: 1
    Parent VLAN: 1005
    Maximum ARE Hop Count: 7
    Maximum STE Hop Count: 7
    Backup CRF Mode: Disabled
    Translational Bridged VLAN: 1
    Translational Bridged VLAN: 1002

VLAN ISL Id: 1004
    Name: fddinet-default
    Media Type: FDDI Net
    VLAN 802.10 Id: 101004
    State: Operational
    MTU: 1500
    Bridge Type: SRB
    Bridge Number: 1
    STP Type: IBM

  VLAN ISL Id: 1005
    Name: trnet-default
    Media Type: Token Ring Net
    VLAN 802.10 Id: 101005
    State: Operational
    MTU: 1500
    Bridge Type: SRB
    Bridge Number: 1
    STP Type: IBM 

This is an example of output from the show current 20 command. It displays only VLAN 20 of the current database.

Switch(vlan)# show current 20
Perdido1(vlan)#show current 20
  VLAN ISL Id: 20
    Name: VLAN0020
    Media Type: Ethernet
    VLAN 802.10 Id: 100020
    State: Operational
    MTU: 1500 

Related Commands

Command
Description

show changes

Displays the differences between the VLAN database currently on the switch and the proposed VLAN database.

show proposed

Displays the proposed VLAN database or a selected VLAN from it.


show dot1x

Use the show dot1x privileged EXEC command to display 802.1X statistics, administrative status, and operational status for the switch or for the specified interface.

show dot1x [statistics] [interface interface-id] [ | {begin | exclude | include} expression]

Syntax Description

statistics

(Optional) Display 802.1X statistics.

interface interface-id

(Optional) Display the 802.1X status for the specified port.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

If you do not specify an interface, global parameters and a summary are displayed. If you specify an interface, details for that interface are displayed.

If you specify the statistics keyword without the interface interface-id option, statistics are displayed for all interfaces. If you specify the statistics keyword with the interface interface-id option, statistics are displayed for the specified interface.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show dot1x privileged EXEC command:

Switch# show dot1x

Global 802.1X Parameters 
reauth-enabled               yes 
reauth-period               3600 
quiet-period                  60 
tx-period                     30 
supp-timeout                  30 
server-timeout                30 
reauth-max                     2 
max-req                        2

802.1X Port Summary 
Port Name                Status      Mode                Authorized          
Gi0/1                    disabled    n/a                 n/a                 
Gi0/2                    enabled     Auto (negotiate)    yes                 
Gi0/3                    disabled    n/a                 n/a                 
Gi0/4                    disabled    n/a                 n/a                 
Gi0/5                    disabled    n/a                 n/a                 
Gi0/6                    disabled    n/a                 n/a                 
Gi0/7                    disabled    n/a                 n/a                 
Gi0/8                    disabled    n/a                 n/a                 
Gi0/9                    disabled    n/a                 n/a                 
Gi0/10                   disabled    n/a                 n/a                 
Gi0/11                   disabled    n/a                 n/a                 
Gi0/12                   disabled    n/a                 n/a

802.1X Port Details
802.1X is disabled on GigabitEthernet0/1

802.1X is enabled on GigabitEthernet0/2
 Status                Unauthorized
 Port-control          Auto
 Supplicant            0060.b0f8.fbfb
 Multiple Hosts        Disallowed
 Current Identifier    2

Authenticator State Machine
 State               AUTHENTICATING
 Reauth Count        1

Backend State Machine
 State               RESPONSE
 Request Count       0
 Identifier (Server) 2

Reauthentication State Machine
 State               INITIALIZE

802.1X is disabled on GigabitEthernet0/3

802.1X is disabled on GigabitEthernet0/4

<output truncated>

Note In the previous display, the supp-timeout, server-timeout, and reauth-max values in the Global 802.1X Parameters section are not configurable. When relaying a request from the RADIUS authentication server to the client, the supp-timeout is the amount of time the switch waits for a response before it resends the request. When relaying a response from the client to the RADIUS authentication server, the server-timeout is the amount of time the switch waits for a reply before it resends the response. The reauth-max parameter is the maximum number of times that the switch tries to authenticate the client without receiving any response before the switch resets the port and restarts the authentication process.


In the 802.1X Port Summary section of the display, the Status column shows whether the port is enabled for 802.1X (the dot1x port-control interface configuration command is set to auto or force-unauthorized). The Mode column shows the operational status of the port; for example, if you configure the dot1x port-control interface configuration command to force-unauthorized, but the port has not transitioned to that state, the Mode column displays auto. If you disable 802.1X, the Mode column displays n/a.

The Authorized column shows the authorization state of the port. For information about port states, refer to the "Configuring 802.1X Port-Based Authentication" chapter in the Catalyst 3550 Multilayer Switch Software Configuration Guide.

This is an example of output from the show dot1x interface gigabitethernet0/2 privileged EXEC command. Table 2-13 describes the fields in the display.

Switch# show dot1x interface gigabitethernet0/2

802.1X is enabled on GigabitEthernet0/2 
  Status                Authorized 
  Port-control          Auto 
  Supplicant            0060.b0f8.fbfb 
  Multiple Hosts        Disallowed 
  Current Identifier    3

  Authenticator State Machine 
    State               AUTHENTICATED 
    Reauth Count        0

  Backend State Machine 
    State               IDLE 
    Request Count       0 
    Identifier (Server) 2

  Reauthentication State Machine 
    State               INITIALIZE

Table 2-13 show dot1x interface Field Description

Field
Description

802.1X is enabled on GigabitEthernet0/2

 

Status

Status of the port (authorized or unauthorized). The status of a port is displayed as authorized if the dot1x port-control interface configuration command is set to auto and has successfully completed authentication.

Port-control

Setting of the dot1x port-control interface configuration command.

Supplicant

Ethernet MAC address of the client, if one exists. If the switch has not discovered the client, this field displays Not set.

Multiple Hosts

Setting of the dot1x multiple-hosts interface configuration command (allowed or disallowed).

Current Identifier1

Each exchange between the switch and the client includes an identifier, which matches requests with responses. This number is incremented with each exchange and can be reset by the authentication server.

1 This field and the remaining fields in the display show internal state information. For a detailed description of these state machines and their settings, refer to the IEEE 802.1X specification.


This is an example of output from the show dot1x statistics interface gigabitethernet0/3 command. Table 2-14 describes the fields in the display.

Switch# show dot1x statistics interface gigabitethernet0/3

GigabitEthernet0/3

    Rx: EAPOL     EAPOL     EAPOL     EAPOL     EAP       EAP       EAP
        Start     Logoff    Invalid   Total     Resp/Id   Resp/Oth  LenError
        0         0         0         21        0         0         0

        Last      Last
        EAPOLVer  EAPOLSrc
        1         0002.4b29.2a03

    Tx: EAPOL     EAP       EAP
        Total     Req/Id    Req/Oth
        622       445       0 

Table 2-14 show dot1x statistics Field Descriptions 

Field
Description

RX EAPOL Start

Number of valid EAPOL-start frames that have been received

RX EAPOL Logoff

Number of EAPOL-logoff frames that have been received

RX EAPOL Invalid

Number of EAPOL frames that have been received and have an unrecognized frame type

RX EAPOL Total

Number of valid EAPOL frames of any type that have been received

RX EAP Resp/ID

Number of EAP-response/identity frames that have been received

RX EAP Resp/Oth

Number of valid EAP-response frames (other than response/identity frames) that have been received

RX EAP LenError

Number of EAPOL frames that have been received in which the packet body length field is invalid

Last EAPOLVer

Protocol version number carried in the most recently received EAPOL frame

LAST EAPOLSrc

Source MAC address carried in the most recently received EAPOL frame

TX EAPOL Total

Number of EAPOL frames of any type that have been sent

TX EAP Req/Id

Number of EAP-request/identity frames that have been sent

TX EAP Req/Oth

Number of EAP-request frames (other than request/identity frames) that have been sent


Related Commands

Command
Description

dot1x default

Resets the configurable 802.1X parameters to their default values.


show env

Use the show env privileged EXEC command to display fan and temperature information for the switch.

show env {all | fan | temperature} [ | {begin | exclude | include} expression]

Syntax Description

all

Display both fan and temperature environmental status.

fan

Display the switch fan status.

temperature

Display the switch temperature status.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show env all command:

Switch# show env all
FAN is FAULTY
TEMPERATURE is OK 

This is an example of output from the show env fan command:

Switch# show env fan
FAN is OK

show errdisable detect

Use the show errdisable detect privileged EXEC command to display error-disable detection status.

show errdisable detect [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show errdisable detect command:

Switch# show errdisable detect
ErrDisable Reason    Detection status
-----------------    ----------------
udld                 Enabled
bpduguard            Enabled
pagp-flap            Enabled
dtp-flap             Enabled
link-flap            Enabled

Related Commands

Command
Description

errdisable detect cause

Enables error disable detection for a specific cause or all causes.

show errdisable recovery

Displays error disable recovery timer information.

show errdisable flap-values

Displays error condition recognition information.

show interfaces status

Displays interface status or a list of interfaces in error-disabled state.


show errdisable flap-values

Use the show errdisable flap-values privileged EXEC command to display conditions that cause an error to be recognized for a cause.

show errdisable flap-values [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

The Flaps column in the display shows how many changes to the state within the specified time interval will cause an error to be detected and a port to be disabled. For example, the display shows that an error will be assumed and the port shut down if 5 link-state (link up/down) changes occur during a 10-second interval, or if 3 DTP-state (port mode access/trunk) changes occur during a 30-second interval.

ErrDisable Reason    Flaps    Time (sec)
-----------------    ------   ----------
dtp-flap               3       30
link-flap              5       10

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show errdisable flap-values command:

Switch# show errdisable flap-values
ErrDisable Reason    Flaps    Time (sec)
-----------------    ------   ----------
pagp-flap              3       30
dtp-flap               3       30
link-flap              5       10

Related Commands

Command
Description

errdisable detect cause

Enables error disable detection for a specific cause or all causes.

show errdisable detect

Displays error disable detection status.

show errdisable recovery

Displays error disable recovery timer information.

show interfaces status

Displays interface status or a list of interfaces in error-disabled state.


show errdisable recovery

Use the show errdisable recovery privileged EXEC command to display the error-disable recovery timer information.

show errdisable recovery [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show errdisable recovery command:

Switch# show errdisable recovery
ErrDisable Reason    Timer Status
-----------------    --------------
udld                 Enabled
bpduguard            Enabled
channel-misconfig    Disabled
pagp-flap            Enabled
dtp-flap             Enabled
link-flap            Enabled

Timer interval:300 seconds

Interfaces that will be enabled at the next timeout:

Interface    Errdisable reason    Time left(sec)
---------    -----------------    --------------
Gi0/4           link-flap             279 

Related Commands

Command
Description

errdisable recovery

Configures the recover mechanism variables.

show errdisable detect

Displays error disable detection status.

show errdisable flap-values

Displays error condition recognition information.

show interfaces status

Displays interface status or a list of interfaces in error-disabled state.


show etherchannel

Use the show etherchannel privileged EXEC command to display EtherChannel information for a channel.

show etherchannel [channel-group-number] {brief | detail | load-balance | port | port-channel | summary} [ | {begin | exclude | include} expression]

Syntax Description

channel-group-number

(Optional) Number of the channel group. Valid numbers range from 1 to 64.

brief

Display a summary of EtherChannel information.

detail

Display detailed EtherChannel information.

load-balance

Display the load-balance or frame-distribution scheme among ports in the port channel.

port

Display EtherChannel port information.

port-channel

Display port-channel information.

summary

Display a one-line summary per channel-group.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If you do not specify a channel-group, all channel groups are displayed.

In the output, the Passive port list field is displayed only for Layer 3 port channels. This field means that the physical interface, which is still not up, is configured to be in the channel group (and indirectly is in the only port channel in the channel group).

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show etherchannel 1 detail command:

Switch# show etherchannel 1 detail
Group state = L2 
Ports: 2   Maxports = 8 
Port-channels: 1 Max Port-channels = 1
                Ports in the group:
                -------------------
Port: Gi0/1
------------

Port state    = Up Mstr In-Bndl 
Channel group = 1           Mode = Desirable-Sl     Gcchange = 0
Port-channel  = Po1         GC   = 0x00010001    Pseudo port-channel = Po1
Port index    = 0           Load = 0x00

Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.        P - Device learns on physical port.
        d - PAgP is down.
Timers: H - Hello timer is running.        Q - Quit timer is running.
        S - Switching timer is running.    I - Interface timer is running.

Local information:
                                Hello    Partner  PAgP     Learning  Group
Port      Flags State   Timers  Interval Count   Priority   Method  Ifindex
Gi0/1     SC    U6/S7   H       30s      1        128        Any      16
          
Partner's information:

          Partner              Partner          Partner         Partner Group
Port      Name                 Device ID        Port       Age  Flags   Cap.
Gi0/1     vegas-p2             0002.4b29.4600   Gi0/1        9s SC      10001 

Age of the port in the current state: 00d:00h:07m:52s
Port: Gi0/2
------------

Port state    = Up Mstr In-Bndl 
Channel group = 1           Mode = Desirable-Sl     Gcchange = 0
Port-channel  = Po1         GC   = 0x00010001    Pseudo port-channel = Po1
Port index    = 0           Load = 0x00

Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.        P - Device learns on physical port.
        d - PAgP is down.
Timers: H - Hello timer is running.        Q - Quit timer is running.
        S - Switching timer is running.    I - Interface timer is running.

Local information:
                                Hello    Partner  PAgP     Learning  Group
Port      Flags State   Timers  Interval Count   Priority   Method  Ifindex
Gi0/2     SC    U6/S7   H       30s      1        128        Any      16

Partner's information:

          Partner              Partner          Partner         Partner Group
Port      Name                 Device ID        Port       Age  Flags   Cap.
Gi0/2     vegas-p2             0002.4b29.4600   Gi0/2        4s SC      10001 

Age of the port in the current state: 00d:00h:07m:55s
                Port-channels in the group: 
                ----------------------
Port-channel: Po1
------------

Age of the Port-channel   = 00d:00h:08m:28s
Logical slot/port   = 1/0           Number of ports = 2
GC                  = 0x00010001      HotStandBy port = null
Port state          = Port-channel Ag-Inuse 

Ports in the Port-channel: 
          
Index   Load   Port    EC state
------+------+------+------------
  0     00     Gi0/1    desirable-sl  
  0     00     Gi0/2    desirable-sl  

Time since last port bundled:    00d:00h:07m:56s    Gi0/1

This is an example of output from the show etherchannel 1 summary command:

Switch# show etherchannel 1 summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        R - Layer3      S - Layer2
        U - port-channel in use
Group Port-channel  Ports
-----+------------+-----------------------------------------------------------
1     Po1(SU)     Gi0/1(P)   Gi0/2(P) 

This is an example of output from the show etherchannel 1 brief command:

Switch# show etherchannel 1 brief
Group state = L2 
Ports: 2   Maxports = 8 
Port-channels: 1 Max Port-channels = 1

This is an example of output from the show etherchannel 1 port-channel command:

Switch# show etherchannel 1 port-channel 
Port-channels in the group: 
                ----------------------

Port-channel: Po1
------------

Age of the Port-channel   = 00d:00h:10m:41s
Logical slot/port   = 1/0           Number of ports = 2
GC                  = 0x00010001      HotStandBy port = null
Port state          = Port-channel Ag-Inuse 

Ports in the Port-channel: 

Index   Load   Port    EC state
------+------+------+------------
  0     00     Gi0/1    desirable-sl  
  0     00     Gi0/2    desirable-sl  

Time since last port bundled:    00d:00h:10m:08s    Gi0/1

This is an example of output from the show etherchannel 1 port command:

Switch# show etherchannel 1 port
Port: Gi0/1
------------

Port state    = Up Mstr In-Bndl 
Channel group = 1           Mode = Desirable-Sl     Gcchange = 0
Port-channel  = Po1         GC   = 0x00010001    Pseudo port-channel = Po1
Port index    = 0           Load = 0x00

Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.        P - Device learns on physical port.
        d - PAgP is down.
Timers: H - Hello timer is running.        Q - Quit timer is running.
        S - Switching timer is running.    I - Interface timer is running.

Local information:
                                Hello    Partner  PAgP     Learning  Group
Port      Flags State   Timers  Interval Count   Priority   Method  Ifindex
Gi0/1     SC    U6/S7   H       30s      1        128        Any      16

Partner's information:

          Partner              Partner          Partner         Partner Group
Port      Name                 Device ID        Port       Age  Flags   Cap.
Gi0/1     vegas-p2             0002.4b29.4600   Gi0/1       21s SC      10001 

Age of the port in the current state: 00d:00h:09m:02s
Port: Gi0/2
------------

Port state    = Up Mstr In-Bndl 
Channel group = 1           Mode = Desirable-Sl     Gcchange = 0
Port-channel  = Po1         GC   = 0x00010001    Pseudo port-channel = Po1
Port index    = 0           Load = 0x00

Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.        P - Device learns on physical port.
        d - PAgP is down.
Timers: H - Hello timer is running.        Q - Quit timer is running.
        S - Switching timer is running.    I - Interface timer is running.

Local information:
                                Hello    Partner  PAgP     Learning  Group
Port      Flags State   Timers  Interval Count   Priority   Method  Ifindex
Gi0/2     SC    U6/S7   H       30s      1        128        Any      16
          
Partner's information:

          Partner              Partner          Partner         Partner Group
Port      Name                 Device ID        Port       Age  Flags   Cap.
Gi0/2     vegas-p2             0002.4b29.4600   Gi0/2       21s SC      10001 

Age of the port in the current state: 00d:00h:09m:04s

Related Commands

Command
Description

channel-group

Assigns an Ethernet interface to an EtherChannel group.

interface port-channel

Accesses or creates the port channel.


show fm interface

Use the show fm interface privileged EXEC command to display per-interface feature-manager information. Use it with the show fm label command to determine which features were able to fit into the hardware.

show fm interface interface-id | [ | {begin | exclude | include} expression]

Syntax Description

interface-id

Specify an interface; valid interfaces include:

physical interface—type and port number.

port channel—port-channel port-channel-number (1 to 64).

null—null 0.

VLAN—vlan vlan-id (1 to 1001). VLAN interfaces are VLANs that have a switch virtual interface (SVI) assigned.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show fm interface gigabitethernet0/12 command:

Switch# show fm interface gigabitethernet0/12
Input Label: 0 (default)
Output Label: 0 (default)
Priority: normal

Related Commands

Command
Description

show fm vlan

Displays per-VLAN feature manager information.

show fm label

Displays feature-manager information for a specified label and lists features associated with that label that were not able to fit into the hardware.


show fm label

Use the show fm label privileged EXEC command to display feature-manager information for a specified label to list features associated with that label that were not able to fit in the hardware.

show fm label label-number [ | {begin | exclude | include} expression]

Syntax Description

label-number

Label number from 0 to 255

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

An unloaded indicator in the output means that the feature was not loaded in the hardware. To allocate more system resources to maximize the number of security ACLs that can fit in the hardware, you can use the sdm prefer access global configuration command to set the Switch Database Management feature to the access template.

If the output shows a merge failure, using the sdm prefer access command has no effect.

Examples

This is an example of output from the show fm label command when there has been a merge failure on an input access-group:

Switch# show fm label 1
Unloaded due to merge failure or lack of space:
  InputAccessGroup 
  Merge Fail:input
Input Features:
  Interfaces or VLANs: Vl1
  Priority:normal
  Vlan Map:(none)
  Access Group:131, 6788 VMRs
  Multicast Boundary:(none), 0 VMRs
Output Features:
  Interfaces or VLANs:
  Priority:low
  Bridge Group Member:no
  Vlan Map:(none)
  Access Group:(none), 0 VMRs

This is an example of output from the show fm label command when there was not enough room for an input access group in the hardware:

Switch# show fm label 1
Unloaded due to merge failure or lack of space:
  InputAccessGroup 
Input Features:
  Interfaces or VLANs: Vl1
  Priority:normal
  Vlan Map:(none)
  Access Group:bigone, 11 VMRs
  Multicast Boundary:(none), 0 VMRs
Output Features:
  Interfaces or VLANs:
  Priority:low
  Bridge Group Member:no
  Vlan Map:(none)
  Access Group:(none), 0 VMRs

This is an example of output from the show fm label command when there was not enough room for the input access group or the output access group on the label. Note that the access groups were configured on two different interfaces. Labels are assigned independently for input and output.

Switch# show fm label 1
Unloaded due to merge failure or lack of space:
  InputAccessGroup OutputAccessGroup 
Input Features:
  Interfaces or VLANs: Vl1
  Priority:normal
  Vlan Map:(none)
  Access Group:bigone, 11 VMRs
  Multicast Boundary:(none), 0 VMRs
Output Features:
  Interfaces or VLANs: Vl2
  Priority:normal
  Bridge Group Member:no
  Vlan Map:(none)
  Access Group:bigtwo, 11 VMRs

Related Commands

Command
Description

show fm interface

Displays per-interface feature manager information.

show fm vlan

Displays per-VLAN feature manager information.


show fm vlan

Use the show fm vlan privileged EXEC command to display per-VLAN feature-manager information. Use with the show fm label command to determine which features were able to fit into the hardware.

show fm vlan vlan-id [ | {begin | exclude | include} expression]

Syntax Description

vlan-id

Any VLAN ID, whether or not a switch virtual interface (SVI) has been assigned. The range is 1 to 1001.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show fm vlan 1 command. It displays the label used in hardware for VLAN feature configuration.

Switch# show fm vlan 1
Input Label: 0 (default)
Output Label: 0 (default)
Priority: normal

Related Commands

Command
Description

show fm interface

Displays per-interface feature manager information.

show fm label

Displays feature-manager information for a specified label and lists features associated with that label that were not able to fit into the hardware.



show forward

Use the show forward privileged EXEC command for an interface to determine how the hardware would forward a frame that matches the specified parameters.

show forward interface-id [vlan vlan-id] src-mac dst-mac [ex-class] [ex-l4op] [ex-qos] [ex-sig] | {begin | exclude | include} expression]

show forward interface-id [vlan vlan-id] src-mac dst-mac [ip src-ip dst-ip [option] [frag fragment] [dscp dscp] {protocol-num | {icmp icmp-type icmp-code} | {igmp igmp-version igmp-type} | {tcp src-port dst-port flags} | {udp src-port dst-port}}] [ex-class] [ex-l4op] [ex-qos] [ex-sig] [ | {begin | exclude | include} expression]

show forward interface-id [vlan vlan-id] src-mac dst-mac sap lsap [cos cos] [ex-class] [ex-l4op] [ex-qos] [ex-sig] [ | {begin | exclude | include} expression]

show forward interface-id [vlan vlan-id] src-mac dst-mac snap ethertype [cos cos] [ex-class] [ex-l4op] [ex-qos] [ex-sig] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

The input physical interface.

vlan vlan-id

(Optional) Input VLAN ID. The range is 1 to 1001. If not specified, and the input interface is not a routed port, the default is 1. You should specify the input VLAN even for access ports.

src-mac

48-bit source MAC address.

dst-mac

48-bit destination MAC address.

ex-class

(Optional) Display detailed packet processing information related to classification.

ex-l4op

(Optional) Display detailed packet processing information related to Layer 4 operations.

ex-qos

(Optional) Display detailed packet processing information related to quality of service (QoS).

ex-sig

(Optional) Display detailed packet processing information related to the part of the hardware that recognizes frame formats (signature tables).

ip src-ip dst-ip

(Optional) Source and destination IP addresses in dotted decimal notation.

option

(Optional) Keyword signifying IP options are present in the packet.

dscp dscp

(Optional) Differentiated services code point (DSCP) field in the IP header. The range is 0 to 63.

frag fragment

(Optional) Two-byte IP fragment field in the IP header. This field includes the Don't Fragment bit (0x4000), the More Fragments bit (0x2000), and the Fragment Offset (0x0 through 0x1FFF). The default is 0x0 (unfragmented packet).

protocol-num

The numeric value of the protocol field in the IP header. The range is 0 to 255. For example, 47 is generic routing encapsulation (GRE), 89 is Open Shortest Path First (OSPF). If is TCP, UDP, ICMP, or IGMP, you should use the appropriate keyword instead of a numeric value.

icmp icmp-type icmp-code

Internet Control Message Protocol (ICMP) parameters. The icmp-type and icmp-code ranges are 0 to 255.

igmp igmp-version igmp-type

Internet Group Management Protocol (IGMP) parameters. The igmp-version and igmp-type ranges are 0 to 255.

tcp src-port dst-port flags

Transmission Control Protocol (TCP) parameters: TCP source port, destination port, and the numeric value of the TCP flags byte. The src-port and dst-port ranges are 0 to 65535.

udp src-port dst-port

User Datagram Protocol (UDP) parameters. The src-port and dst-port ranges are 0 to 65535.

cos cos

(Optional) Class of service (CoS) value of the frame. The range is 0 to 1024.

snap ethertype

(Optional) Subnetwork Access Protocol (SNAP) encapsulation type and the Ethertype field. The range is 0 to 65535.

sap lsap

(Optional) Service access point (SAP) encapsulation type and the LSAP field. The range is 0 to 65535.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If you enter this command without any arguments, you enter a dialog mode. This mode is not operational in this release.

Because of the many and varied items that go into the forwarding decision, this command requires detailed information about the frame in order to correctly indicate how the hardware would forward the frame.

This command has limited ability to account for QoS settings. It does not take into account any packet arrival rates, so if the system has been configured to mark down or police traffic based on data arrival rates, the command will display inaccurate information for traffic that exceeds the configured rates.

If QoS or ACLs are not configured, and if no port-channel interfaces are present, the most important parameters to specify are source interface, source VLAN, destination MAC address, and destination IP address (if applicable). The output is likely to be accurate, even if other parameters are missing or estimated.

If port channel interfaces are present, it is important to specify the source MAC address and IP address correctly.

If ACLs are present, all keywords in the command could be important to the forwarding decision.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

Following are three examples of outputs from the show forward command. Table 2-15 describes the major sections in the output display.

In this example, the destination MAC address is the router's MAC address and routing lookups are performed.

Switch# show forward fastethernet0/8 vlan 8 0000.1111.2222 0022.3355.8800 ip 8.8.8.10 
4.4.4.33 255
signature:00000007, comparison ind:10, control info:2000941A control map:00000000
vlan:8, vlanid entry:000C0012 00000000 00000000 04400000
adjptr:D  adjacency:E0002409 00000404 04210000
vlan:1033, vlanid entry:0004000A 00000000 00000000 00000000
vlan:1033, vlanid entry:0004000A 00000000 00000000 00000000

lookup  key                                   bk adata    rawoff secoff sec
qos     960808080A04040421 800000000000FF0000 0  00000000 006304 004064  4
acl     960808080A04040421 800000000000FF0000 1  00000082 045408 002016  1
route   420808080A04040421 000000000000000000 0  3FFF800D 006361 000025  3
learn   187008000011112222 901208000004040421 0  80010003 002176 002176  0
forw    187008000011112222 901208000004040421 1  40020000 043328 010560  5
outacli A60808080A04040421 800000000000FF0000 0  00000083 012448 002016  2

bridgeDestMap:  00000000 00000000 0000FFFF FFFFFFC7
vlanMask:       00000000 00000000 0000FFFF EFFFFFFF
sourceMask:     00000000 00000000 00000000 00000000
globalMap:      00000000 00000000 00000000 00000000
globalMask:     00000000 00000000 0002FFFF EFFFFC03
forwMap:        00000000 00000000 00000000 10000000

frame notifies:
src u_dat vlan fl q-map
2   00    8    01 00000000 00000000 00000000 10000000

Egress q 44
signature:00000007, comparison ind:10, control info:2000941A control map:00000000
vlan:8, vlanid entry:000C0012 00000000 00000000 00000000
adjptr:D  adjacency:E0002409 00000404 04210000
vlan:1033, vlanid entry:0004000A 00000000 88000000 00000000

lookup  key                                   bk adata    rawoff secoff sec
route   420808080A04040421 000000000000000000 0  3FFF800D 006361 000025  3
GigabitEthernet0/1 vlan 1033, dst 0000.0404.0421 src 0022.3355.8800, cos 0x0, dscp 0x0

In this example, the destination MAC address is not the router's MAC address. No routing lookups are performed.

Switch# show forward fa0/8 vlan 8 0000.1111.2222 0022.3355.9800 ip 8.8.8.10 4.4.4.33 255
signature:00000007, comparison ind:10, control info:2000941A control map:00000000
vlan:8, vlanid entry:000C0012 00000000 00000000 04620000
vlan:8, vlanid entry:000C0012 00000000 00000000 04620000

lookup  key                                   bk adata    rawoff secoff sec
qos     940808080A04040421 800000000000FF0000 0  00000000 006304 004064  4
acl     940808080A04040421 800000000000FF0000 1  00000082 045408 002016  1
learn   187008000011112222 801008002233559800 0  80010003 002176 002176  0
forw    187008000011112222 801008002233559800 1  40020000 043328 010560  5

bridgeDestMap:  00000000 00000000 0000FFFF FFFFFFC7
vlanMask:       00000000 00000000 0000FFFF FFFFFE7F
portMask:       00000000 00000000 00000000 00000080
sourceMask:     00000000 00000000 00000000 00000000
globalMap:      00000000 00000000 00000000 00000000
globalMask:     00000000 00000000 0002FFFF EFFFFC03
forwMap:        00000000 00000000 00000000 00000100

frame notifies:
src u_dat vlan fl q-map
2   00    8    00 00000000 00000000 00000000 00000100

Egress q 8
signature:00000007, comparison ind:10, control info:2000941A control map:00000000
vlan:8, vlanid entry:000C0012 00000000 00000000 04620000
FastEthernet0/9 vlan 8, dst 0022.3355.9800 src 0000.1111.2222, cos 0x0, dscp 0x0

This is an example of the display that results if one of the destinations for the packet is the switch CPU. Note that in this case the section after the frame notifies section is labeled Cpu q and that a queue name is displayed.

Switch# show forward fa0/7 vlan 7 0000.1111.2222 0022.3355.8800 ip 1.1.1.1 7.7.7.1 255
signature:00000007, comparison ind:11, control info:2000941A control map:00000000
vlan:7, vlanid entry:000C0011 00000000 00318C60 88000000
adjptr:0  adjacency:00000000 00000000 0000C000
vlan:7, vlanid entry:000C0011 00000000 00318C60 88000000

lookup  key                                   bk adata    rawoff secoff sec
qos     960101010107070701 800000000000FF0000 0  00000000 006304 004064  4
acl     960101010107070701 800000000000FF0000 1  00000082 045408 002016  1
route   420101010107070701 000000000000000000 0  00048000 006345 000009  3
learn   186007000011112222 800E08002233558800 0  80010003 002176 002176  0
forw    186007000011112222 800E08002233558800 1  40090000 033000 000232  5

bridgeDestMap:  00000000 00000000 00000000 00000000
routeDestMap:   00000000 00000000 00100000 00000000
sourceMask:     00000000 00000000 00000000 00000000
globalMap:      00000000 00000000 00000000 00000000
globalMask:     00000000 00000000 0002FFFF EFBFFC03
forwMap:        00000000 00000000 00100000 00000000

frame notifies:
src u_dat vlan fl q-map
2   00    7    01 00000000 00000000 00100000 00000000

Cpu q:100 - routing queue

Table 2-15 show forward Output Description  

Output Section
Description

General (no heading)
Includes the first few lines of the display.

Displays lookup results for several tables in the input portion of the hardware. The output includes packet formats, the configuration of the input VLAN, and other information.

lookup section

Describes TCAM lookups performed during the input forwarding decision and the results of these lookups.

Bitmaps and masks

Displays maps and masks used to calculate the final set of forwarding destinations.

frame notifies section

Contains the bitmap that results from combining the maps and masks from the bitmaps section. If SPAN is configured, there might be additional bitmaps displayed.

Egress q <nn> section

There is an egress section for each separate destination port. The output is varied, but the important information is in the line containing the name of an output interface, output VLAN ID, and rewritten destination MAC address for the frame. If the output interface is a trunk port that needs to transmit multiple copies of the frame on different VLANs (for example, for IP multicast frames), several lines might contain the same output interface name, but a different output VLANs.

If output security ACLs are present, it is possible that one or more of these egress q sections will not contain a line listing an output port. This happens when the output ACL denies the packet.

Cpu q <nn> <name> section

When the CPU is one of the destinations for a packet, this section is displayed, followed by a queue name. This name should correspond to one of the queue names in the output from the show controllers cpu-interface privileged EXEC command, where statistics are displayed for the number of packets received at each queue.



show interfaces

Use the show interfaces privileged EXEC command to display the administrative and operational status of all interfaces or a specified interface.

show interfaces [interface-id | vlan vlan-id] [description | etherchannel | pruning | status [err-disabled] | switchport | trunk] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

(Optional) ID of the physical interface, including type, slot, and port number.

vlan vlan-id

(Optional) VLAN identification. Valid IDs are from 1 to 1005. Do not enter leading zeros.

description

(Optional) Display the administrative status and description set for an interface.

etherchannel

(Optional) Display interface EtherChannel information.

pruning

(Optional) Display interface trunk VTP pruning information.

status

(Optional) Display the status of the interface.

err-disabled

(Optional) Display interfaces in error-disabled state.

switchport

(Optional) Display the administrative and operational status of a switching (nonrouting) port, including port blocking and port protection settings.

trunk

Display interface trunk information. If you do not specify an interface, information for only active trunking ports is displayed.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show interfaces gigabitethernet0/1 command.

Switch# show interfaces gigabitethernet0/1 
GigabitEthernet0/1 is up, line protocol is up
  Hardware is Gigabit Ethernet, address is 0002.4b29.4401 (bia 0002.4b29.4401)
  MTU 1500 bytes, BW 100000 Kbit, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Half-duplex, 100Mb/s
  input flow-control is off, output flow-control is off
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:08, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy: fifo
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
  5 minute input rate 1000 bits/sec, 2 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     7122 packets input, 783062 bytes, 0 no buffer
     Received 5137 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 input packets with dribble condition detected
     9222 packets output, 2188728 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets
     0 babbles, 0 late collision, 1 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out 

This is an example of output from the show interfaces gigabitethernet0/4 description command when the interface has been described as Connects to Marketing by using the description interface configuration command.

Switch# show interfaces gigabitethernet0/4 description
Interface Status         Protocol Description
G10/4     up             down     Connects to Marketing

This is an example of output from the show interfaces gigabitethernet0/9 pruning command when pruning is enabled in the VTP domain:

Switch# show interfaces gigibitethernet0/9 pruning
Port    Vlans pruned for lack of request by neighbor
Gi0/9   3,4

Port    Vlans traffic requested of neighbor
Gi0/9   1-3

This is an example of output from the show interfaces status command. It displays the status of all interfaces.

Switch# show interfaces status

Port    Name               Status       Vlan       Duplex  Speed Type
Gi0/1   CubeA              connected    1          a-full  a-100 10/100/1000Base TX
Gi0/2   CubeC              notconnect   1            auto   auto 10/100/1000Base TX
Gi0/3   CubeE              disabled     1            auto   auto 10/100/1000Base TX
Gi0/4   CubeG              notconnect   1            auto   auto 10/100/1000Base TX
Gi0/5   CubeI              notconnect   routed       auto   auto 10/100/1000Base TX
Gi0/6   CubeK              notconnect   routed       auto   auto 10/100/1000Base TX
Gi0/7   CubeM              notconnect   1            auto   auto 10/100/1000Base TX

This is an example of output from the show interfaces etherchannel command when port channels are configured on the switch:

Switch# show interfaces etherchannel
----
GigabitEthernet0/9:
Port state    = Down Not-in-Bndl
Channel group = 6           Mode = Desirable-Sl     Gcchange = 0
Port-channel  = null        GC   = 0x00000000    Pseudo port-channel = Po6
Port index    = 0           Load = 0x00

Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.        P - Device learns on physical port.
        d - PAgP is down.
Timers: H - Hello timer is running.        Q - Quit timer is running.
        S - Switching timer is running.    I - Interface timer is running.

Local information:
                                Hello    Partner  PAgP     Learning  Group
Port      Flags State   Timers  Interval Count   Priority   Method  Ifindex
Gi0/9     d     U1/S1           1s       0        128        Any      0

Age of the port in the current state: 14d:12h:32m:05s
----
GigabitEthernet0/10:
Port state    = Up Sngl-port-Bndl Mstr Not-in-Bndl
Channel group = 10          Mode = Desirable-Sl     Gcchange = 0
Port-channel  = null        GC   = 0x000A0001    Pseudo port-channel = Po10
Port index    = 0           Load = 0x00

Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.        P - Device learns on physical port.
        d - PAgP is down.
Timers: H - Hello timer is running.        Q - Quit timer is running.
        S - Switching timer is running.    I - Interface timer is running.

Local information:
                                Hello    Partner  PAgP     Learning  Group
Port      Flags State   Timers  Interval Count   Priority   Method  Ifindex
Gi0/10          U4/S4   H       30s      0        128        Any      0

Age of the port in the current state: 01d:06h:05m:59s
----
Port-channel6:
Age of the Port-channel   = 01d:06h:05m:38s
Logical slot/port   = 1/1           Number of ports = 0
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel Ag-Not-Inuse

----
Port-channel10:
Age of the Port-channel   = 01d:06h:06m:15s
Logical slot/port   = 1/0           Number of ports = 0
GC                  = 0x00000000      HotStandBy port = null
Port state          = Port-channel Ag-Not-Inuse

This is an example of output from the show interfaces status err-disabled command. It displays the status of interfaces in error-disabled state.

Switch# show interfaces status err-disabled 

Port    Name               Status       Reason
Gi0/4                      notconnect   link-flap

informational error message when the timer expires on a cause
--------------------------------------------------------------

5d04h:%PM-SP-4-ERR_RECOVER:Attempting to recover from link-flap err-disable state on Gi0/4

This is an example of output from the show interfaces switchport command. It displays switch port information for all switching ports. Table 2-16 describes the fields in the display.

Switch# show interfaces switchport
Name: Gi0/1
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001

Protected: True
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Name: Gi0/2
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: down
Administrative Trunking Encapsulation: negotiate
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001

Protected: True
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

<output truncated>

Table 2-16 show interfaces switchport Field Descriptions 

Field
Description

Name

Displays the port name.

Switchport

Displays the administrative and operational status of the port. In this display, the port is in switchport mode.

Administrative Mode

Operational Mode

Displays the administrative and operational mode.

Administrative Trunking Encapsulation

Operation Trunking Encapsulation

Negotiation of Trunking

Displays the administrative and operational encapsulation method, and whether trunking negotiation is enabled.

Access Mode VLAN

Displays the VLAN ID to which the port is configured.

Trunking Native Mode VLAN

Trunking VLANs Enabled

Trunking VLANs Active

Lists the VLAN ID of the trunk that is in native mode. Lists the allowed VLANs on the trunk. Lists the active VLANs on the trunk.

Pruning VLANs Enabled

Lists the VLANs that are pruning-eligible.

Priority for untagged frames

Displays the port priority on incoming untagged frames.

Protected

Displays whether or not protected port is enabled (True) or disabled (False) on the interface.

Unknown unicast blocked

Unknown multicast blocked

Displays whether or not unknown multicast and unknown unicast traffic is blocked on the interface.


This is an example of output from the show interfaces gigabitethernet0/1 trunk command. It displays trunking information for the interface.

Switch# show interfaces gigabitethernet0/1 trunk

Port      Mode         Encapsulation  Status        Native vlan
Gi0/1     desirable    negotiate      not-trunking  1

Port      Vlans allowed on trunk
Gi0/1     1

Port      Vlans allowed and active in management domain
Gi0/1     1

Port      Vlans in spanning tree forwarding state and not pruned
Gi0/1     1 

Related Commands

Command
Description

switchport access

Configures a port as a static-access or dynamic-access port.

switchport block

Blocks unknown unicast or multicast traffic on an interface.

switchport broadcast

Configures the VLAN membership mode of a port.

switchport protected

Isolates unicast, multicast, and broadcast traffic at Layer 2 from other protected ports on the same switch.

switchport trunk pruning

Configures the VLAN pruning-eligible list for ports in trunking mode.


show interfaces counters

Use the show interfaces counters privileged EXEC command to display various counters for the switch or for a specific interface.

show interfaces [interface-id | vlan vlan-id] counters [broadcast | errors | multicast | trunk | unicast] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

(Optional) ID of the physical interface, including type and slot and port number.

vlan vlan-id

(Optional) VLAN number of the management VLAN. Valid IDs are from 1 to 1001. Do not enter leading zeros.

broadcast

(Optional) Display discarded broadcast traffic.

errors

(Optional) Display error counters.

multicast

(Optional) Display discarded multicast traffic.

trunk

(Optional) Display trunk counters.

unicast

(Optional) Display discarded unicast traffic.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If you do not enter any keywords, all counters for all interfaces are included.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show interfaces counters command. It displays all counters for the switch.

Switch# show interfaces counters
Port            InOctets   InUcastPkts   InMcastPkts   InBcastPkts
Gi0/1           23324617         10376        185709        126020
Gi0/2                  0             0             0             0

Port           OutOctets  OutUcastPkts  OutMcastPkts  OutBcastPkts
Gi0/1            4990607         28079         21122            10
Gi0/2            1621568         25337             0             0

This is an example of output from the show interfaces counters broadcast command. It displays dropped broadcast traffic for all interfaces.

Switch# show interfaces counters broadcast
Port      BcastSuppDiscards
Gi0/1                     1
Gi0/2                     0

This is an example of output from the show interfaces gigabitethernet0/1 counters broadcast command. It displays dropped broadcast traffic for the interface.

Switch# show interfaces gigabitethernet0/1 counters broadcast

Port      BcastSuppDiscards
Gi0/1                     0 

This is an example of output from the show interfaces counters errors command. It displays interface error counters for all interfaces.

Switch# show interfaces counters errors

Port        Align-Err    FCS-Err   Xmit-Err    Rcv-Err UnderSize
Gi0/1               0          0          0          0         0
Gi0/2               0          0          0          0         0
Gi0/3               0          0          0          0         0
Gi0/4               0          0          0          0         0


Port      Single-Col Multi-Col  Late-Col Excess-Col Carri-Sen     Runts    Giants
Gi0/1              0         0         0          0         0         0      0
Gi0/2              0         0         0          0         0         0      0
Gi0/3              0         0         0          0         0         0      0
Gi0/4              0         0         0          0         0         0      0

This is an example of output from the show interfaces counters multicast command. It displays dropped multicast traffic for all interfaces.

Switch# show interfaces counters multicast

Port      McastSuppDiscards
Gi0/1                     0
Gi0/2                     0

This is an example of output from the show interfaces counters trunk command. It displays trunk counters for all interfaces.

Switch# show interfaces counters trunk

Port        TrunkFramesTx  TrunkFramesRx  WrongEncap
Gi0/1                   0              0           0
Gi0/2                   0              0           0 

This is an example of output from the show interfaces counters unicast command. It displays dropped unicast traffic for all interfaces.

Switch# show interfaces counters unicast

Port      UcastSuppDiscards
Gi0/1                  6872
Gi0/2                     0

This is an example of output from the show interfaces gigabitethernet0/1 counters unicast command. It displays dropped unicast traffic for the interface:

Switch# show interfaces gigabitethernet0/1 counters unicast

Port      UcastSuppDiscards
Gi0/1                     0 

Related Commands

Command
Description

show interfaces

Displays additional interface characteristics.

storm-control

Sets storm-control broadcast, multicast, and unicast suppression levels for an interface.

show storm-control

Displays storm-control settings for an interface or all interfaces.


show ip igmp profile

Use the show ip igmp profile privileged EXEC command to view all configured Internet Group Management Protocol (IGMP) profiles or a specified IGMP profile.

show ip igmp profile [profile number] [ | {begin | exclude | include} expression]

Syntax Description

profile number

(Optional) The IGMP profile number to be displayed. The range is from 1 to 4294967295. If no profile number is entered, all IGMP profiles are displayed.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

These are examples of output from the show ip igmp profile privileged EXEC command, with and without specifying a profile number. If no profile number is entered, the display includes all profiles configured on the switch.

Switch# show ip igmp profile 40
IGMP Profile 40
    permit
    range 233.1.1.1 233.255.255.255

Switch# show ip igmp profile
IGMP Profile 3
    range 230.9.9.0 230.9.9.0
IGMP Profile 4
    permit
    range 229.9.9.0 229.255.255.255

Related Commands

Command
Description

ip igmp profile

Configures the specified IGMP profile number.


show ip igmp snooping

Use the show ip igmp snooping privileged EXEC command to display the Internet Group Management Protocol (IGMP) snooping configuration of the switch or the VLAN. Use the mrouter keyword to display the dynamically learned and manually configured multicast router ports.

show ip igmp snooping [vlan vlan-id | mrouter [vlan vlan-id] [ | {begin | exclude | include} expression]

Syntax Description

vlan vlan-id

(Optional) Specify a VLAN; valid values are 0 to 1001.

mrouter

(Optional) Display multicast router ports.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Use this command to display snooping characteristics for the switch or for a specific VLAN.

You can also use the show mac-address-table multicast privileged EXEC command to display entries in the MAC address table for a VLAN that has IGMP snooping enabled.

When multicast VLAN registration (MVR) is enabled, the show ip igmp snooping mrouter command displays MVR multicast router information and IGMP snooping information.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show ip igmp snooping command. It shows how to display snooping characteristics for all VLANs on the switch.

Switch# show ip igmp snooping 
vlan 1
----------
 IGMP snooping is globally enabled
 IGMP snooping is enabled on this Vlan
 IGMP snooping immediate-leave is disabled on this Vlan
 IGMP snooping mrouter learn mode is pim-dvmrp on this Vlan
 IGMP snooping is running in IGMP_ONLY mode on this Vlan
vlan 2
----------
 IGMP snooping is globally enabled
 IGMP snooping is enabled on this Vlan
 IGMP snooping immediate-leave is disabled on this Vlan
 IGMP snooping mrouter learn mode is pim-dvmrp on this Vlan
 IGMP snooping is running in IGMP_ONLY mode on this Vlan
vlan 10
----------
 IGMP snooping is globally enabled
 IGMP snooping is enabled on this Vlan
 IGMP snooping immediate-leave is disabled on this Vlan
 IGMP snooping mrouter learn mode is pim-dvmrp on this Vlan
 IGMP snooping is running in IGMP_ONLY mode on this Vlan 

This is an example of output from the show ip igmp snooping vlan 1 command. It shows how to display snooping characteristics for a specific VLAN.

Switch# show ip igmp snooping vlan 1
IGMP snooping is globally enabled
 IGMP snooping is enabled on this Vlan
 IGMP snooping immediate-leave is disabled on this Vlan
 IGMP snooping mrouter learn mode is pim-dvmrp on this Vlan
 IGMP snooping is running in IGMP_ONLY mode on this Vlan

This is an example of output from the show ip igmp snooping mrouter command. It shows how to display multicast router ports on the switch.

Switch# show ip igmp snooping mrouter
vlan            ports
-----+----------------------------------------
  1          Gi0/1,Gi0/1, Router
  2          Gi0/3,Gi0/4

This is an example of output from the show ip igmp snooping mrouter vlan 1 command. It shows how to display multicast router ports for a specific VLAN.

Switch# show ip igmp snooping mrouter vlan 1
vlan            ports
-----+----------------------------------------
  1          Gi0/1,Gi0/1, Router

Related Commands

Command
Description

ip igmp snooping

Enables and configures IGMP snooping on the switch or on a VLAN.

show mac-address-table multicast

Displays the Layer 2 multicast entries for a VLAN.


show l2tcam

Use the show l2tcam privileged EXEC command to display information about the portion of the ternary content addressable memory (TCAM) devoted to Layer 2 addresses. Use the keywords to display forwarding (bridging) or learning (MAC address learning) information or to display allocation statistics of MAC address types.

show l2tcam {cam {forwarding | learning} | shadow} [ | {begin | exclude | include} expression]

Syntax Description

cam

Display contents and associated information about TCAM Layer 2 contents. This display output is a raw hex dump of information, intended for a Cisco technical support representative.

forwarding

Display TCAM Layer 2 forwarding (bridging) information.

learning

Display TCAM Layer 2 learning (MAC address learning) information.

shadow

Display allocation statistics for various address types of MAC addresses that the software keeps track of. Address types are identified only by number.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show l2tcam cam learning command:

Switch# show l2tcam cam learning
mask 1156  F7 FFFFFFFF FFFFFFFF
mask 1157  F7 FFFFFFFF FFFFFFFF
mask 1158  F7 FFFFFFFF FFFFFFFF
mask 1159  F7 FFFFFFFF FFFFFFFF
9248       00 00000000 00000000     80070000
9249       00 00000000 00000000     80060000
9250       00 00000000 00000000     80070000
9251       18 00010002 4B293A00     80020000
9252       00 00000000 00000000     80060000
9253       00 00000000 00000000     80010000
9254       00 00000000 00000000     80030000
9255       18 00010002 4B296700     80040000
<output truncated>

 9368       FF FFFFFFFF FFFFFFFF     5E731478
9369       FF FFFFFFFF FFFFFFFF     17B195AE
9370       FF FFFFFFFF FFFFFFFF     AB2DECEA
9371       FF FFFFFFFF FFFFFFFF     D821EC4E
9372       FF FFFFFFFF FFFFFFFF     E6E55344
9373       FF FFFFFFFF FFFFFFFF     FBFB0EEE
9374       FF FFFFFFFF FFFFFFFF     2057A03D
9375       FF FFFFFFFF FFFFFFFF     E55FE7C3

This is an example of output from the show l2tcam shadow command:

Switch# show l2tcam shadow
learning table
type  start  end   firstfree  firstfreeentry  flag  used/free
0     0      79    0          0               4        0/640
1     80     83    80         0               4        0/32
2     1159   84    1159       3               2        3/8605
3     1160   1167  1160       0               1        0/64
4     1168   1171  1168       1               1        1/31

forwarding table
type  start  end   firstfree  firstfreeentry  flag  used/free
0     0      0     0          0               12       0/0
1     0      0     0          0               12       0/0
2     0      77    0          0               4        0/624
3     78     83    82         6               1       38/10
4     84     1159  84         3               4        3/8605
5     1287   1160  1275       3               2       99/925
6     1415   1288  1403       3               2       99/925
7     1416   1417  1416       0               1        0/16
8     1801   1418  1801       0               2        0/3072
9     1802   1803  1802       1               1        1/15
10    1804   1805  1804       1               1        1/15
11    1809   1806  1809       0               2        0/32
12    1810   1811  1810       2               1        2/14

Related Commands

Command
Description

show l3tcam

Displays information about the TCAM devoted to Layer 3 forwarding information.

show mac-address-table

Displays the MAC address table static and dynamic entries.


show l3tcam

Use the show l3tcam privileged EXEC command to display information about the portion of the ternary content addressable memory (TCAM) devoted to Layer 3 forwarding (IP routing) information.

show l3tcam {cam | shadow} [ | {begin | exclude | include} expression]

This command is available only if the enhanced multilayer software image (EMI) is installed. All Catalyst 3550 Gigabit Ethernet switches ship with the EMI installed. Catalyst 3550 Fast Ethernet switches can be shipped with either the standard multilayer software image (SMI) or EMI pre-installed. You can order the Enhanced Multilayer Software Image Upgrade kit to upgrade Catalyst 3550 Fast Ethernet switches from the SMI to the EMI.

Syntax Description

cam

Display contents and associated information about TCAM Layer 3 contents devoted to unicast and multicast IP routing. This display output is a raw hex dump of information, intended for a Cisco technical support representative.

shadow

Display contents and associated information about TCAM Layer 3 contents formatted to display routes and adjacencies associated with each mask, and some overall statistics.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

This display provides information that might be useful for Cisco technical support representatives troubleshooting the switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show l3tcam cam command:

Switch# show l3tcam cam
00 00 00 42 00 00 00 00 0A 01 01 0F
Mask(s)
00 00 00 F1 00 00 00 00 FF FF FF FF
00 00 00 F1 00 00 00 00 FF FF FF FF
00 00 00 F1 00 00 00 00 FF FF FF FF
00 00 00 F1 00 00 00 00 FF FF FF FF

Entries
00 00 00 42 00 00 00 00 0A 01 01 0F     ( 00 04 80 00  )

Mask(s)
00 00 00 F1 00 00 00 00 FF FF FF 00
00 00 00 F1 00 00 00 00 FF FF FF 00
00 00 00 F1 00 00 00 00 FF FF FF 00
00 00 00 F1 00 00 00 00 FF FF FF 00

Entries

<output truncated>

This is an example of output from the show l3tcam shadow command:

Switch# show l3tcam shadow
L3 TCAM: total enries = 30720, used entries = 12
Prefix 33: Start=0(0) End=3(24) FirstFree=1, NumFree = 31

     Offset      Tbl+Flgs        SA      DA      Assoc
=================================================
Mask: NA         0xF1    0.0.0.0         255.255.255.255         --

Entry: 0         0x42    0.0.0.0         10.1.1.15       0x00048000

Prefix 41: Start=4(32) End=7(56) FirstFree=32, NumFree = 32

     Offset      Tbl+Flgs        SA      DA      Assoc
=================================================
Mask: NA         0xF1    0.0.0.0         255.255.255.0   --


Prefix 65: Start=8(64) End=11(88) FirstFree=66, NumFree = 30

     Offset      Tbl+Flgs        SA      DA      Assoc
=================================================
Mask: NA         0xF1    0.0.0.0         0.0.0.0         --

Entry: 64        0x42    0.0.0.0         0.0.0.0         0x00048000
Entry: 65        0x43    0.0.0.0         0.0.0.0         0x00048000
<output truncated>

Related Commands

Command
Description

show adjacency

Displays Cisco Express Forwarding (CEF) adjacency table information. For syntax information, select Cisco IOS Switching Services Command Reference for IOS Release 12.1 > IP Addressing and Services > Commands.

show arp

Displays the entries in the ARP table. For syntax information, select Cisco IOS IP and IP Routing Command Reference for IOS Release 12.1 > IP Addressing and Services > IP Addressing Commands.

show ip route

Displays the current state of the routing table. For syntax information, select Cisco IOS IP and IP Routing Command Reference for IOS Release 12.1 > IP Routing Protocols > IP Routing Protocol-Independent Commands.

show l2tcam

Displays information about the portion of the TCAM devoted to Layer 2 information.


show mac-address-table

Use the show mac-address-table privileged EXEC command to display the MAC address table static and dynamic entries.

show mac-address-table [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table command:

Switch# show mac-address-table
          Mac Address Table
------------------------------------------

Vlan    Mac Address       Type       Ports
----    -----------       ----       -----
 All    0000.0000.0001    STATIC     CPU
 All    0000.0000.0002    STATIC     CPU
 All    0000.0000.0003    STATIC     CPU
 All    0000.0000.0009    STATIC     CPU
 All    0000.0000.0012    STATIC     CPU
 All    0180.c200.000b    STATIC     CPU
 All    0180.c200.000c    STATIC     CPU
 All    0180.c200.000d    STATIC     CPU
 All    0180.c200.000e    STATIC     CPU
 All    0180.c200.000f    STATIC     CPU
 All    0180.c200.0010    STATIC     CPU
   1    0030.9441.6327    DYNAMIC    Fa0/23
Total Mac Addresses for this criterion: 12

Related Commands

Command
Description

clear mac-address-table dynamic

Delete from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interfacee

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table address

Use the show mac-address-table address privileged EXEC command to display MAC address table information for the specified MAC address.

show mac-address-table address mac-address [interface interface-id] [vlan vlan-id] [ | {begin | exclude | include} expression]

Syntax Description

mac-address

Specify the 48-bit MAC address; the valid format is H.H.H.

interface interface-id

(Optional) Display information for a specific interface. Valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Display entries for the specific VLAN only. The range is 1 to 1005.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table address command:

Switch# show mac-address-table address 0002.4b28.c482
          Mac Address Table
------------------------------------------

Vlan    Mac Address     Type    Ports
----    -----------     ----    -----
 All    0002.4b28.c482  STATIC  CPU
Total Mac Addresses for this criterion: 1 

Related Commands

Command
Description

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table aging-time

Use the show mac-address-table aging-time privileged EXEC command to display the aging time in all VLANs or the specified VLAN.

show mac-address-table aging-time [vlan vlan-id] [ | {begin | exclude | include} expression]

Syntax Description

vlan vlan-id

(Optional) Display aging time information for a specific VLAN. The range is 1 to 1005; do not enter leading zeros.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If no VLAN number is specified, then the aging time for all VLANs is displayed.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table aging-time command:

Switch# show mac-address-table aging-time
Vlan    Aging Time
----    ----------
   1     300 

This is an example of output from the show mac-address-table aging-time vlan 10 command:

Switch# show mac-address-table aging-time vlan 10
Vlan    Aging Time
----    ----------
  10     300 

Related Commands

Command
Description

mac-address-table aging-time

Sets the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated.

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table count

Use the show mac-address-table count privileged EXEC command to display the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table count [vlan vlan-id] [ | {begin | exclude | include} expression]

Syntax Description

vlan vlan-id

(Optional) Display the number of addresses for a specific VLAN. The range is 1 to 1005; do not enter leading zeros.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If no VLAN number is specified, then the address count for all VLANs is displayed.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table count command:

Switch# show mac-address-table count

Mac Entries for Vlan   : 1
---------------------------
Dynamic Address Count  : 2
Static  Address Count  : 0
Total Mac Addresses    : 2 

Related Commands

Command
Description

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table dynamic

Use the show mac-address-table dynamic privileged EXEC command to display dynamic MAC address table entries only.

show mac-address-table dynamic [address mac-address] [interface interface-id] [vlan vlan-id]
[
| {begin | exclude | include} expression]

Syntax Description

address mac-address

(Optional) Specify a 48-bit MAC address; the valid format is H.H.H.

interface interface-id

(Optional) Specify an interface to match; valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Display entries for a specific VLAN; the range is 1 to 1005.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table dynamic command:

Switch# show mac-address-table dynamic
          Mac Address Table
------------------------------------------

Vlan    Mac Address     Type    Ports
----    -----------     ----    -----
   1    0030.b635.7862  DYNAMIC Gi0/2
   1    00b0.6496.2741  DYNAMIC Gi0/2
Total Mac Addresses for this criterion: 2 

Related Commands

Command
Description

clear mac-address-table dynamic

Deletes from the MAC address table a specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a particular VLAN.

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table interface

Use the show mac-address-table interface privileged command to display the MAC address table information for the specified interface in the specified VLAN.

show mac-address-table interface interface-id [vlan vlan-id] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

Specify an interface type; valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Display entries for a specific VLAN; the range is 1 to 1005. Do not enter leading zeros.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table interface command:

Switch# show mac-address-table interface gigabitethernet0/2
          Mac Address Table
------------------------------------------

Vlan    Mac Address     Type    Ports
----    -----------     ----    -----
   1    0030.b635.7862  DYNAMIC Gi0/2
   1    00b0.6496.2741  DYNAMIC Gi0/2
Total Mac Addresses for this criterion: 2 

Related Commands

Command
Description

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table multicast

Use the show mac-address-table multicast privileged EXEC command to display the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table multicast [count] | igmp-snooping [count] | user [count] | vlan vlan-id [count] [ | {begin | exclude | include} expression]

Syntax Description

count

(Optional) Display the total number of entries for the specified command options, instead of the actual entries.

igmp-snooping

(Optional) Display entries learned through Internet Group Management Protocol (IGMP) snooping.

user

(Optional) Display the user-configured multicast entries only.

vlan vlan-id

(Optional) Display addresses for a specific VLAN. The range is 1 to 1005; do not enter leading zeros.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table multicast command. It shows how to display all multicast entries for the switch.

Switch# show mac-address-table multicast
Vlan    Mac Address     Type    Ports
----    -----------     ----    -----
   1    0100.5e00.0128  IGMP    Gi0/1 

This is an example of output from the show mac-address-table multicast count command. It shows how to display a total count of MAC address entries for the switch.

Switch# show mac-address-table multicast count

Multicast MAC Entries for all vlans:    10

This is an example of output from the show mac-address-table multicast vlan 1 count command. It shows how to display a total count of MAC address entries for a VLAN.

Switch# show mac-address-table multicast vlan 1 count

Multicast MAC Entries for vlan 1:    4

This is an example of output from the show mac-address-table multicast interface vlan1 command. It shows how to display the user-configured multicast entries for VLAN 1.

Switch# show mac-address-table multicast interface vlan1
vlan   mac address     type 	        ports
-----+---------------+--------+---------+---+--------------------------------
  1  0100.5e02.0203    user           Gi0/1,Gi0/2
  1  0100.5e00.0128    user           Gi0/1,Gi0/2

This is an example of output from the show mac-address-table multicast vlan 1 igmp-snooping count command. It shows how to display the total number of entries learned through IGMP snooping for VLAN 1:

Switch# show mac-address-table multicast vlan 1 igmp-snooping count
Number of IGMP Learned Multicast Addresses:    2

Related Commands

Command
Description

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table notification

Use the show mac-address-table notification privileged EXEC command to display the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table notification [interface [interface-id] [ | {begin | exclude | include} expression]

Syntax Description

interface

(Optional) Display information for all interfaces. Valid interfaces include physical ports and port channels.

interface-id

(Optional) Display information for the specified interface. Valid interfaces include physical ports and port channels.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

Use the show mac-address-table notification command without any keywords to display whether the feature is enabled or disabled, the MAC notification interval, the maximum number of entries allowed in the history table, and the history table contents.

Use the interface keyword to display the flags for all interfaces. If the interface-id is included, only the flags for that interface are displayed.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table notification command:

Switch# show mac-address-table notification
MAC Notification Feature is Enabled on the switch
Interval between Notification Traps : 60 secs
Number of MAC Addresses Added : 4
Number of MAC Addresses Removed : 4
Number of Notifications sent to NMS : 3
Maximum Number of entries configured in History Table : 100
Current History Table Length : 3
MAC Notification Traps are Enabled
History Table contents
----------------------
History Index 0, Entry Timestamp 1032254, Despatch Timestamp 1032254
MAC Changed Message :
Operation: Added   Vlan: 2     MAC Addr: 0000.0000.0001 Module: 0   Port: 1

History Index 1, Entry Timestamp 1038254, Despatch Timestamp 1038254
MAC Changed Message :
Operation: Added   Vlan: 2     MAC Addr: 0000.0000.0000 Module: 0   Port: 1
Operation: Added   Vlan: 2     MAC Addr: 0000.0000.0002 Module: 0   Port: 1
Operation: Added   Vlan: 2     MAC Addr: 0000.0000.0003 Module: 0   Port: 1

History Index 2, Entry Timestamp 1074254, Despatch Timestamp 1074254
MAC Changed Message :
Operation: Deleted Vlan: 2     MAC Addr: 0000.0000.0000 Module: 0   Port: 1
Operation: Deleted Vlan: 2     MAC Addr: 0000.0000.0001 Module: 0   Port: 1
Operation: Deleted Vlan: 2     MAC Addr: 0000.0000.0002 Module: 0   Port: 1
Operation: Deleted Vlan: 2     MAC Addr: 0000.0000.0003 Module: 0   Port: 1

Related Commands

Command
Description

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table static

Displays static MAC address table entries only.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table static

Use the show mac-address-table static privileged EXEC command to display static MAC address table entries only.

show mac-address-table static [address mac-address] [interface interface-id] [vlan vlan-id]
[
| {begin | exclude | include} expression]

Syntax Description

address mac-address

(Optional) Specify a 48-bit MAC address; the valid format is H.H.H.

interface interface-id

(Optional) Specify an interface to match; valid interfaces include physical ports and port channels.

vlan vlan-id

(Optional) Display addresses for a specific VLAN. The range is 1 to 1005; do not enter leading zeros.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table static command:

Switch# show mac-address-table static
          Mac Address Table
------------------------------------------

Vlan    Mac Address     Type    Ports
----    -----------     ----    -----
 All    0100.0ccc.cccc  STATIC  CPU
 All    0180.c200.0000  STATIC  CPU
 All    0100.0ccc.cccd  STATIC  CPU
 All    0180.c200.0001  STATIC  CPU
 All    0180.c200.0002  STATIC  CPU
 All    0180.c200.0003  STATIC  CPU
 All    0180.c200.0004  STATIC  CPU
 All    0180.c200.0005  STATIC  CPU
 All    0180.c200.0006  STATIC  CPU
 All    0180.c200.0007  STATIC  CPU
Total Mac Addresses for this criterion: 10 

Related Commands

Command
Description

mac-address-table static

Adds static addresses to the MAC address table.

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table vlan

Displays the MAC address table information for the specified VLAN.


show mac-address-table vlan

Use the show mac-address-table vlan privileged EXEC command to display the MAC address table information for the specified VLAN.

show mac-address-table vlan vlan-id [ | {begin | exclude | include} expression]

Syntax Description

vlan-id

(Optional) Display addresses for a specific VLAN. The range is 1 to 1005; do not enter leading zeros.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mac-address-table vlan 1 command:

Switch# show mac-address-table vlan 1
          Mac Address Table
------------------------------------------

Vlan    Mac Address     Type    Ports
----    -----------     ----    -----
   1    0100.0ccc.cccc  STATIC  CPU
   1    0180.c200.0000  STATIC  CPU
   1    0100.0ccc.cccd  STATIC  CPU
   1    0180.c200.0001  STATIC  CPU
   1    0180.c200.0002  STATIC  CPU
   1    0180.c200.0003  STATIC  CPU
   1    0180.c200.0004  STATIC  CPU
   1    0180.c200.0005  STATIC  CPU
   1    0180.c200.0006  STATIC  CPU
   1    0180.c200.0007  STATIC  CPU
Total Mac Addresses for this criterion: 10 

Related Commands

Command
Description

show mac-address-table address

Displays MAC address table information for the specified MAC address.

show mac-address-table aging-time

Displays the aging time in all VLANs or the specified VLAN.

show mac-address-table count

Displays the number of addresses present in all VLANs or the specified VLAN.

show mac-address-table dynamic

Displays dynamic MAC address table entries only.

show mac-address-table interface

Displays the MAC address table information for the specified interface.

show mac-address-table multicast

Displays the Layer 2 multicast entries for all VLANs or the specified VLAN.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or the specified interface.

show mac-address-table static

Displays static MAC address table entries only.


show mls qos

Use the show mls qos privileged EXEC command to display global quality of service (QoS) configuration information.

show mls qos [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mls qos command:

Switch# show mls qos 
Qos is enabled

Related Commands

Command
Description

mls qos

Enables quality of service (QoS) for the entire switch.


show mls qos aggregate-policer

Use the show mls qos aggregate-policer privileged EXEC command to display the quality of service (QoS) aggregate policer configuration. A policer defines a maximum permissible rate of transmission, a maximum burst size for transmissions, and an action to take if either maximum is exceeded.

show mls qos aggregate-policer [aggregate-policer-name] [ | {begin | exclude | include} expression]

Syntax Description

aggregate-policer-name

(Optional) Display the policer configuration for the specified name.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mls qos aggregate-policer command:

Switch# show mls qos aggregate-policer policer1
aggregate-policer policer1 88000 2000000 exceed-action drop
Not used by any policy map 

Related Commands

Command
Description

mls qos aggregate-policer

Defines policer parameters that can be shared by multiple classes within a policy map.


show mls qos interface

Use the show mls qos interface privileged EXEC command to display quality of service (QoS) information at the interface level.

show mls qos interface [interface-id] [buffers | policers | queueing | statistics]
[
| {begin | exclude | include} expression]

Syntax Description

interface-id

(Optional) Display QoS information for the specified interface. Valid interfaces include physical ports.

vlan vlan-id

(Optional) Display QoS information for a specific VLAN. The range is 1 to 1001; do not enter leading zeros.

buffers

(Optional) Display buffer settings of the queues. For Gigabit-capable Ethernet ports, the display includes the queue depth for each of the four queues and the tail drop or Weighted Random Early Detection (WRED) thresholds. For 10/100 Ethernet ports, the display includes the configured minimum-reserve settings.

policers

(Optional) Display all the policers configured on the interface, their settings, and the number of policers that are currently unassigned.

queueing

(Optional) Display queueing strategy (weighted round robin, priority queueing), the weights corresponding to the queues, and the CoS-to-egress-queue map.

statistics

(Optional) Display all the Differentiated Services Code Points (DSCPs) for which statistics are maintained and the corresponding ingress and egress statistics, including the number of bytes dropped.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.



Note Though visible in the command-line help strings, the vlan vlan-id options are not supported.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If no keyword is specified with the show mls qos interface command, the port QoS mode (DSCP trusted, CoS trusted, untrusted, and so forth), default class of service (CoS) value, DSCP-to-DSCP-mutation map (if any) attached to the port, and policy map (if any) attached to the interface are displayed. If a specific interface is not specified, the information for all interfaces is displayed.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mls qos interface gigabitethernet0/1 buffers command:

Switch# show mls qos interface gigabitethernet0/1 buffers
GigabitEthernet0/1
Notify Q depth:
qid-size
 1 - 25
 2 - 25
 3 - 25
 4 - 25
qid WRED thresh1 thresh2
 1  dis   100      100
 2  dis   100      100
 3  dis   100      100
 4  dis   100      100

In the preceding display, the qid-size section shows the weight (the amount of space allocated to each queue) as configured by the wrr-queue queue-limit interface configuration command. The next section of the display shows the settings of the tail-drop thresholds for all four queues. The WRED column shows that it is disabled, which means the tail-drop is in effect. Tail-drop thresholds are configured by the wrr-queue threshold interface configuration command.

This is an example of output from the show mls qos interface fastethernet0/1 buffers command:

Switch# show mls qos interface fastethernet0/1 buffers
FastEthernet0/1
Minimum reserve buffer size:
 100 100 100 100 100 100 100 100
Minimum reserve buffer level select:
 4 2 5 7

The preceding display shows that the buffersize for all minimum-reserve levels is set to 100 packets. Line 5 of the display shows that queue 1 selects minimum-reserve level 4, queue 2 selects minimum-reserve level 2, queue 3 selects minimum-reserve level 5, and queue 4 selects minimum-reserve level 7.

This is an example of output from the show mls qos interface gigabitethernet0/1 queueing command:

Switch# show mls qos interface gigabitethernet0/1 queueing
GigabitEthernet0/1
Ingress expedite queue: dis
Egress expedite queue: ena
wrr bandwidth weights:
qid-weights
 1 - 25
 2 - 25
 3 - 25
Dscp-threshold map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     ---------------------------------------
      0 :    01 01 01 01 01 01 01 01 01 01
      1 :    01 01 01 01 01 01 01 01 01 01
      2 :    01 01 01 01 01 01 01 01 01 01
      3 :    01 01 01 01 01 01 01 01 01 01
      4 :    01 01 01 01 01 01 01 01 01 01
      5 :    01 01 01 01 01 01 01 01 01 01
      6 :    01 01 01 01
Cos-queue map:
cos-qid
 0 - 1
 1 - 1
 2 - 2
 3 - 2
 4 - 3
 5 - 3
 6 - 4
 7 - 4 

In the preceding display, the egress expedite queue is enabled. Because of this, the weight of the expedite queue (queue 4) is ignored and not used in the ratio calculation. Only the bandwidth weights for the remaining queues are displayed. The bandwidth weight of the queues is configured by the wrr-queue bandwidth interface configuration command. The CoS-to-queue map shows the CoS values that are mapped to select a queue; this map is configured by the wrr-queue cos-map interface configuration command.

This is an example of output from the show mls qos interface gigabitethernet0/1 statistics command. Table 2-17 describes the fields in this display.

Switch# show mls qos interface gigabitethernet0/1 statistics
Ingress
  dscp: incoming   no_change  classified policed    dropped (in bytes)
    1 : 0          0          0          0          0
    2 : 0          0          0          0          0
    3 : 0          0          0          0          0
    45: 0          0          0          0          0
    23: 0          0          0          0          0
Others: 203216935  24234242   178982693  0          0
Egress
  dscp: incoming   no_change  classified policed    dropped (in bytes)
   1 : 0             n/a       n/a      0          0
   2 : 0             n/a       n/a      0          0
   3 : 0             n/a       n/a      0          0
   45: 0             n/a       n/a      0          0
   23: 0             n/a       n/a      0          0
Others: 155983       n/a       n/a      0          0 

WRED drop counts:
  qid  thresh1    thresh2   FreeQ
   1 : 0          0         1024
   2 : 0          0         1024
   3 : 0          0         1024
   4 : 0          0         1024

Table 2-17 show mls qos interface statistics Field Descriptions 

 
Field
Description

Ingress

incoming

Number of packets or bytes with a specific DSCP entering the ingress QoS process.

 

no_change

Number of packets or bytes for which the DSCP value did not change after classification.

 

classified

Number of packets or bytes that were classified to this DSCP value.

 

policed

Number of packets or bytes that were marked down from this DSCP value.

 

dropped (in bytes)

Number of packets or bytes dropped by policing.

Egress

incoming

Number of packets or bytes with a specific DSCP entering the egress QoS process.

 

no_change

Number of packets with a specific DSCP that did not change.

 

classified

Number of packets with a specific DSCP that was classified according to the class map.

 

policed

Number of packets or bytes that were marked down from this DSCP.

 

dropped (in bytes)

Number of packets or bytes of this DSCP dropped.

WRED drop counts

qid

Queue number.

 

thresh1 and thresh2

Number of DSCPs of a specific value dropped at threshold 1 and threshold 2.

 

FreeQ

Amount of free queue space available per queue.


Related Commands

Command
Description

mls qos monitor

Defines up to 16 DSCP values for which byte or packet statistics are gathered by hardware.


show mls qos maps

Use the show mls qos maps privileged EXEC command to display quality of service (QoS) mapping information. Maps are used to generate an internal Differentiated Services Code Point (DSCP) value, which represents the priority of the traffic.

show mls qos maps [cos-dscp | dscp-cos | dscp-mutation dscp-mutation-name | dscp-switch-priority | ip-prec-dscp | policed-dscp] [ | {begin | exclude | include} expression]

Syntax Description

cos-dscp

(Optional) Display class of service (CoS)-to-DSCP map.

dscp-cos

(Optional) Display DSCP-to-CoS map.

dscp-mutation dscp-mutation-name

(Optional) Display the specified DSCP-to-DSCP-mutation map.

dscp-switch-priority

(Optional) Display the DSCP-to-switch-priority map.

ip-prec-dscp

(Optional) Display the IP-precedence-to-DSCP map.

policed-dscp

(Optional) Display the policed-DSCP map.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mls qos maps command:

Switch# show mls qos maps
Policed-dscp map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     ---------------------------------------
      0 :    00 01 02 03 04 05 06 07 08 09
      1 :    10 11 12 13 14 15 16 17 18 19
      2 :    20 21 22 23 24 25 26 27 28 29
      3 :    30 31 32 33 34 35 36 37 38 39
      4 :    40 41 42 43 44 45 46 47 48 49
      5 :    50 51 52 53 54 55 56 57 58 59
      6 :    60 61 62 63

Dscp-cos map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     ---------------------------------------
      0 :    00 00 00 00 00 00 00 00 01 01
      1 :    01 01 01 01 01 01 02 02 02 02
      2 :    02 02 02 02 03 03 03 03 03 03
      3 :    03 03 04 04 04 04 04 04 04 04
      4 :    05 05 05 05 05 05 05 05 06 06
      5 :    06 06 06 06 06 06 07 07 07 07
      6 :    07 07 07 07

Dscp-switch priority map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     ---------------------------------------
      0 :    00 00 00 00 00 00 00 00 00 00
      1 :    00 00 00 00 00 00 01 01 01 01
      2 :    01 01 01 01 01 01 01 01 01 01
      3 :    01 01 02 02 02 02 02 02 02 02
      4 :    02 02 02 02 02 02 02 02 03 03
      5 :    03 03 03 03 03 03 03 03 03 03
      6 :    03 03 03 03

Cos-dscp map:
        cos:   0  1  2  3  4  5  6  7
     --------------------------------
       dscp:   0  8 16 24 32 40 48 56

IpPrecedence-dscp map:
     ipprec:   0  1  2  3  4  5  6  7
     --------------------------------
       dscp:   0  8 16 24 32 40 48 56

Dscp-dscp mutation map:
   Default DSCP Mutation Map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     ---------------------------------------
      0 :    00 01 02 03 04 05 06 07 08 09
      1 :    10 11 12 13 14 15 16 17 18 19
      2 :    20 21 22 23 24 25 26 27 28 29
      3 :    30 31 32 33 34 35 36 37 38 39
      4 :    40 41 42 43 44 45 46 47 48 49
      5 :    50 51 52 53 54 55 56 57 58 59
      6 :    60 61 62 63 

Note The d1 column specifies the most-significant digit in the internal DSCP; the d2 row specifies the least-significant digit in the internal DSCP. The intersection of the d1 and d2 values provides the policed-DSCP, the CoS, the switch priority, or the mutated-DSCP value. For example, in the DSCP-to-CoS map, an internal DSCP value of 43 corresponds to a CoS value of 5.


Related Commands

Command
Description

mls qos map

Defines the CoS-to-DSCP map, DSCP-to-CoS map, DSCP-to-DSCP-mutation map, IP-precedence-to-DSCP map, and the policed-DSCP map.


show monitor

Use the show monitor privileged EXEC command to display Switch Port Analyzer (SPAN) session information.

show monitor [session session_number] [ | {begin | exclude | include} expression]

Syntax Description

session session_number

(Optional) Specify the number of the SPAN session. Valid values are 1 and 2.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(6)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show monitor session 1 command:

Switch# show monitor session 1

Session 1
---------
Source Ports:
    RX Only:      None
    TX Only:      Gi0/1
    Both:         None
Source VLANs:
    RX Only:      None
    TX Only:      None
    Both:         None
Destination Ports:Gi0/6
    Encapsulation:DOT1Q
Filter VLANs:     None

This is an example of output from the show monitor command with no session number specified:

Switch# show monitor
Session 1
---------
Source Ports:
    RX Only:       None
    TX Only:       None
    Both:          Gi0/1
Source VLANs:
    RX Only:       None
    TX Only:       None
    Both:          None
Destination Ports: Gi0/10
    Encapsulation: DOT1Q
Filter VLANs:      None

Session 2
---------
Source Ports:
    RX Only:      None
    TX Only:      None
    Both:         None
Source VLANs:
    RX Only:      None
    TX Only:      None
    Both:         None
Destination Ports:None
Filter VLANs:     None

This is an example of output from the show monitor session 1 | begin Destination command. It displays SPAN information for a specific session beginning with the line that starts with Destination.

Switch# show monitor session 1 | begin Destination
Destination Ports: None
Filter VLANs:      None

Related Commands

Command
Description

monitor session

Starts a new SPAN session, adds or deletes interfaces or VLANs to or from an existing SPAN session, and filters SPAN source traffic to specific source VLANs.


show mvr

Use the show mvr privileged EXEC command without keywords to display the current Multicast VLAN Registration (MVR) global parameter values, including whether or not MVR is enabled, the MVR multicast VLAN, the maximum query response time, the number of multicast groups, and the MVR mode (dynamic or compatible).

show mvr [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mvr command:

Switch# show mvr
MVR Running: TRUE
MVR multicast vlan: 1
MVR Max Multicast Groups: 256
MVR Current multicast groups: 256
MVR Global query response time: 5 (tenths of sec)
MVR Mode: compatible 

In the preceding display, the maximum number of multicast groups is fixed at 256. The MVR mode is either compatible (for inter-operability with Catalyst 2900 XL and Catalyst 3500 XL switches) or dynamic (where operation is consistent with IGMP snooping operation and dynamic MVR membership on source ports is supported).

Related Commands

Command
Description

mvr (global configuration)

Enables and configures multicast VLAN registration on the switch.

mvr (interface configuration)

Configures MVR ports.

show mvr interface

Displays the configured MVR interfaces, status of the specified interface, or all multicast groups to which the interface belongs when the interface and members keywords are appended to the command.

show mvr members

Displays all ports that are members of an MVR multicast group or, if there are no members, means the group is inactive.


show mvr interface

Use the show mvr interface privileged EXEC command without keywords to display the Multicast VLAN Registration (MVR) receiver and source ports. Use the command with keywords to display MVR parameters for a specific receiver port.

show mvr interface [interface-id [members [vlan vlan-id]]] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

(Optional) Display MVR type, status, and Immediate Leave setting for the interface.

members

(Optional) Display all MVR groups to which the specified interface belongs.

vlan vlan-id

(Optional) Display all MVR group members on this VLAN. The VLAN ID range is from 1 to 1001.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If the entered port identification is a non-MVR port or a source port, the command returns an error message. For receiver ports, it displays the port type, per port status, and Immediate-Leave setting.

If you enter the members keyword, all MVR group members on the interface are displayed. If you enter a VLAN ID, all MVR group members in the VLAN are displayed.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mvr interface command:

Switch# show mvr interface
Port    Type            Status          Immediate Leave
----    ----            -------         ---------------
Gi0/1   SOURCE          ACTIVE/UP       DISABLED
Gi0/2   RECEIVER        ACTIVE/DOWN     DISABLED
Gi0/5   RECEIVER        ACTIVE/UP       ENABLED 

In the preceding display, Status is defined as follows:

Active means the port is part of a VLAN

Up/Down means that the port is forwarding/nonforwarding

Inactive means that the port is not yet part of any VLAN.

This is an example of output from the show mvr interface gigabitethernet 0/2 command:

Switch# show mvr interface gigabitethernet0/2
Type: RECEIVER Status: ACTIVE Immediate Leave: DISABLED 

This is an example of output from the show mvr interface gigabitethernet0/6 members command:

Switch# show mvr interface gigabitethernet0/6 members
239.255.0.0     DYNAMIC ACTIVE
239.255.0.1     DYNAMIC ACTIVE
239.255.0.2     DYNAMIC ACTIVE
239.255.0.3     DYNAMIC ACTIVE
239.255.0.4     DYNAMIC ACTIVE
239.255.0.5     DYNAMIC ACTIVE
239.255.0.6     DYNAMIC ACTIVE
239.255.0.7     DYNAMIC ACTIVE
239.255.0.8     DYNAMIC ACTIVE
239.255.0.9     DYNAMIC ACTIVE

Related Commands

Command
Description

mvr (global configuration)

Enables and configures multicast VLAN registration on the switch.

mvr (interface configuration)

Configures MVR ports.

show mvr

Displays the global MVR configuration on the switch.

show mvr members

Displays all receiver ports that are members of an MVR multicast group.


show mvr members

Use the show mvr members privileged EXEC command to display all receiver ports that are currently members of an IP multicast group.

show mvr members [ip-address] [ | {begin | exclude | include} expression]

Syntax Description

ip-address

(Optional) The IP multicast address. If the address is entered, all receiver ports that are members of the multicast group are displayed. If no address is entered, all members of all Multicast VLAN Registration (MVR) groups are listed. If a group has no members, the group is listed as Inactive.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

The show mvr members command applies to receiver ports only. For MVR compatible mode, all source ports are members of all multicast groups.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show mvr members command:

Switch# show mvr members
MVR Group IP    Status          Members
------------    ------          -------
239.255.0.1     ACTIVE          Gi0/1(d), Gi0/5(s)
239.255.0.2     INACTIVE        None
239.255.0.3     INACTIVE        None
239.255.0.4     INACTIVE        None
239.255.0.5     INACTIVE        None
239.255.0.6     INACTIVE        None
239.255.0.7     INACTIVE        None
239.255.0.8     INACTIVE        None
239.255.0.9     INACTIVE        None
239.255.0.10    INACTIVE        None

<output truncated>

239.255.0.255   INACTIVE        None
239.255.1.0     INACTIVE        None 

This is an example of output from the show mvr members 239.255.0.2 command. It shows how to view the members of the IP multicast group 239.255.0.2:

Switch# show mvr members 239.255.0.2
239.255.0.2     ACTIVE          Gi0/1(d), Gi0/2(d), Gi0/3(d), 
                                Gi0/4(d), Gi0/5(s)

Related Commands

Command
Description

mvr (global configuration)

Enables and configures multicast VLAN registration on the switch.

mvr (interface configuration)

Configures MVR ports.

show mvr

Displays the global MVR configuration on the switch.

show mvr interface

Displays the configured MVR interfaces, status of the specified interface, or all multicast groups to which the interface belongs when the members keyword is appended to the command.


show pagp

Use the show pagp privileged EXEC command to display Port Aggregation Protocol (PAgP) channel-group information.

show pagp [channel-group-number] {counters | internal | neighbor} [ | {begin | exclude | include} expression]

Syntax Description

channel-group-number

(Optional) Number of the channel group. Valid numbers range from 1 to 64.

counters

Display traffic information.

internal

Display internal information.

neighbor

Display neighbor information.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

You can enter any show pagp command to display the active port channel information. To display the nonactive information, enter the show pagp command with a group number.

Examples

This is an example of output from the show pagp 1 counters command:

Switch# show pagp 1 counters
           Information        Flush
Port       Sent   Recv     Sent   Recv
--------------------------------------
Channel group: 1
  Gi0/1    45     42       0      0 
  Gi0/2    45     41       0      0 

This is an example of output from the show pagp 1 internal command:

Switch# show pagp 1 internal
Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.
Timers: H - Hello timer is running.        Q - Quit timer is running.
        S - Switching timer is running.    I - Interface timer is running.

Channel group 1
                                Hello    Partner  PAgP     Learning  Group
Port      Flags State   Timers  Interval Count   Priority   Method  Ifindex
Gi0/1     SC    U6/S7   H       30s      1        128        Any      16
Gi0/2     SC    U6/S7   H       30s      1        128        Any      16

This is an example of output from the show pagp 1 neighbor command:

Switch# show pagp 1 neighbor
Flags:  S - Device is sending Slow hello.  C - Device is in Consistent state.
        A - Device is in Auto mode.        P - Device learns on physical port.

Channel group 1 neighbors
          Partner              Partner          Partner         Partner Group
Port      Name                 Device ID        Port       Age  Flags   Cap.
Gi0/1     vegas-p2             0002.4b29.4600   Gi0/1        9s SC      10001 
Gi0/2     vegas-p2             0002.4b29.4600   Gi0/2       24s SC      10001 

Related Commands

Command
Description

clear pagp

Clears PAgP channel-group information.


show policy-map

Use the show policy-map privileged EXEC command to display quality of service (QoS) policy maps, which define classification criteria for incoming traffic. Policy maps can include policers that specify the bandwidth limitations and the action to take if the limits are exceeded.

show policy-map [policy-map-name [class class-name]] [ | {begin | exclude | include} expression]

Syntax Description

policy-map-name

(Optional) Display the specified policy-map name.

class class-name

(Optional) Display QoS policy actions for a individual class.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.



Note Though visible in the command-line help string, the interface keyword is not supported, and the statistics shown in the display should be ignored.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.

12.1(6)EA1

The class keyword was added.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show policy-map command:

Switch# show policy-map
Policy Map policy1
  class  class1
   set ip dscp 7

Policy Map policy3
  class  class99
   police 96000 999999 exceed-action drop
  class  class3
   police 8000 98989 exceed-action drop
  class  class20
   police 8000 9090 exceed-action drop
  class  class21
   police 904000 9090909 exceed-action policed-dscp-transmit
  class  class22
   police 904000 9090909 exceed-action policed-dscp-transmit 

Related Commands

Command
Description

policy-map

Creates or modifies a policy map that can be attached to multiple interfaces to specify a service policy.


show port-security

Use the show port-security privileged EXEC command to display port-security settings for an interface or for the switch.

show port-security [interface interface-id] [address] [ | {begin | exclude | include} expression]

Syntax Description

interface interface-id

(Optional) Display port security settings for the specified interface.

address

(Optional) Display all secure MAC addresses on all ports or the specified port.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

If you enter the command without keywords, the output includes the administrative and operational status of all secure ports on the switch. If you enter an interface-id, the output displays port security settings for the interface.

The show port-security address command displays all secure MAC addresses on the switch or on the specified interface.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of the output from the show port-security privileged EXEC command when no interface is specified.

Switch# show port-security
Secure Port      MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                    (Count)        (Count)      (Count)
-------------------------------------------------------------------------------
     Fa0/12          25            1             0            Restrict
     Fa0/22          15            1             0            Protect

This is an example of the output from the show port-security privileged EXEC command for a specified interface:

Switch# show port-security interface fastethernet0/12
Security Enabled:Yes, Port Status:SecureUp
Violation Mode:Restrict
Max. Addrs:25, Current Addrs:1, Configure Addrs:1

This is an example of output from the show port-security address privileged EXEC command.

Switch# show port-security address
          Secure Mac Address Table
------------------------------------------------------------

Vlan    Mac Address       Type                Ports
----    -----------       ----                -----
   1    1000.2000.3000    SecureConfigured     Fa0/12

This is an example of output from the show port-security address privileged EXEC command for a specified interface.

Switch# show port-security interface fastethernet0/12 address
          Secure Mac Address Table
------------------------------------------------------------

Vlan    Mac Address       Type                Ports
----    -----------       ----                -----
   1    1000.2000.3000    SecureConfigured     Fa0/12
-----------------------------------------------------
Total Addresses: 1

Related Commands

Command
Description

switchport port-security

Enables or configures port security on an interface.


show proposed

Use the show proposed VLAN configuration command to display the proposed VLAN database or a selected VLAN from it.

show proposed [vlan-id]

Syntax Description

vlan-id

(Optional) ID of the VLAN in the proposed database. If this variable is omitted, the entire VLAN database displays, included the pruning state and Version 2 mode. Valid IDs are from 1 to 1005; do not enter leading zeros.


Command Modes

VLAN configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If the variable vlan-id is omitted, the show proposed command displays the entire proposed VLAN database.

The proposed VLAN database is not the running configuration until you use the exit or apply VLAN configuration command.

Examples

This is an example of output from the show proposed command:

Switch(vlan)# show proposed

VLAN ISL Id: 1
    Name: default
    Media Type: Ethernet
    VLAN 802.10 Id: 100001
    State: Operational
    MTU: 1500
    Translational Bridged VLAN: 1002
    Translational Bridged VLAN: 1003

  VLAN ISL Id: 2
    Name: VLAN0002
    Media Type: FDDI Net
    VLAN 802.10 Id: 100002
    State: Operational
    MTU: 1500
    STP Type: IBM

VLAN ISL Id: 1002
    Name: fddi-default
    Media Type: FDDI
    VLAN 802.10 Id: 101002
    State: Operational
    MTU: 1500
    Bridge Type: SRB
    Translational Bridged VLAN: 1
    Translational Bridged VLAN: 1003
VLAN ISL Id: 1003
    Name: trcrf-default
    Media Type: TRCRF
    VLAN 802.10 Id: 101003
    State: Operational
    MTU: 4472
    Bridge Type: SRB
    Ring Number: 3276
    Bridge Number: 1
    Parent VLAN: 1005
    Maximum ARE Hop Count: 7
    Maximum STE Hop Count: 7
    Backup CRF Mode: Disabled
    Translational Bridged VLAN: 1
    Translational Bridged VLAN: 1002

  VLAN ISL Id: 1004
    Name: fddinet-default
    Media Type: FDDI Net
    VLAN 802.10 Id: 101004
    State: Operational
    MTU: 1500
    Bridge Type: SRB
    Bridge Number: 1
    STP Type: IBM

VLAN ISL Id: 1005
    Name: trbrf-default
    Media Type: TRBRF
    VLAN 802.10 Id: 101005
    State: Operational
    MTU: 4472
    Bridge Type: SRB
    Bridge Number: 15
    STP Type: IBM 

Related Commands

Command
Description

show changes

Displays the differences between the VLAN database currently on the switch and the proposed VLAN database.

show current

Displays the current VLAN database on the switch or a selected VLAN from it.


show sdm prefer

Use the show sdm prefer privileged EXEC command to display information about the templates that can be used to maximize system resources for a particular feature, or use the command without a keyword to display the template currently in use.

show sdm prefer [access | default | routing | vlan] [ | {begin | exclude | include} expression]

Syntax Description

access

(Optional) Display the template that maximizes system resources for quality of service (QoS) classification and security access control entries (ACEs).

default

(Optional) Display the template that balances system resources among features.

routing

(Optional) Display the template that maximizes system resources for routing.

vlan

(Optional) Display the template that maximizes system resources for Layer 2 VLANs.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If you did not reload the switch after entering the sdm prefer global configuration command, the show sdm prefer privileged EXEC command displays the template currently in use and not the newly configured template.

The numbers displayed for each template represent an approximate maximum number for each feature resource. The actual number might vary, depending on the actual number of other features configured. For example, in the default template if your switch had more than 16 routed interfaces (subnet VLANs), the number of possible unicast MAC addresses might be less than 6000.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show sdm prefer command on a Gigabit Ethernet switch, displaying the template currently in use.

Switch# show sdm prefer
The current template is default template.
 The selected template optimizes the resources in
 the switch to support this level of features for
 16 routed interfaces and 1K VLANs. 

 number of unicast mac addresses:  6K
 number of igmp groups:            6K
 number of qos aces:               2K
 number of security aces:          2K
 number of unicast routes:         12K
 number of multicast routes:       6K

This is an example of output from the show sdm prefer access command on a Gigabit Ethernet switch, displaying the access template characteristics:

Switch# show sdm prefer access
access template:
 The selected template optimizes the resources in
 the switch to support this level of features for
 16 routed interfaces and 1K VLANs.

 number of unicast mac addresses:  2K
 number of igmp groups:            8K
 number of qos aces:               2K
 number of security aces:          4K
 number of unicast routes:         4K
 number of multicast routes:       8K

Related Commandsnumber of multicast routes: 8K number of multicast routes: 8K

Command
Description

sdm prefer

Sets the SDM template to maximize feature resource utilization for QoS classification and security ACEs, routing, or VLANs, or to the default template.


show spanning-tree

Use the show spanning-tree privileged EXEC command to display spanning-tree state information.

show spanning-tree [bridge-group] [active | backbonefast | blockedports | bridge | brief | inconsistentports | interface interface-id | pathcost method | root | summary [totals] | uplinkfast | vlan vlan-id] [ | {begin | exclude | include} expression]

Syntax Description

bridge-group

(Optional) Specify the bridge group number. The range is 1 to 255.

active

(Optional) Display spanning-tree information on active interfaces only.

backbonefast

(Optional) Display spanning-tree BackboneFast status.

blockedports

(Optional) Display blocked port information.

bridge

(Optional) Display status and configuration of this switch.

brief

(Optional) Specify a brief summary of interface information.

inconsistentports

(Optional) Display inconsistent port information.

interface interface-id

(Optional) List of interfaces for which spanning-tree information is displayed. Enter each interface separated by a space. Ranges are not supported. Valid interfaces include physical ports and VLANs.

pathcost method

(Optional) Display the default path cost method.

root

(Optional) Display root switch status and configuration.

summary

(Optional) Specify a summary of port states.

total

(Optional) Display the total lines of the spanning-tree state section.

uplinkfast

(Optional) Display spanning-tree UplinkFast status.

vlan vlan-id

(Optional) Specify the VLAN ID. The range is 1 to 1005.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show spanning-tree active command:

Switch# show spanning-tree active
VLAN1 is executing the ieee compatible Spanning Tree protocol
  Bridge Identifier has priority 32768, sysid 1, address 0002.4b29.2e01
  Configured hello time 2, max age 20, forward delay 15
  Current root has priority 32768, address 0001.42e2.cdca
  Root port is 1 (GigabitEthernet0/1), cost of root path is 38
  Topology change flag not set, detected flag not set
  Number of topology changes 27 last change occurred 01:22:46 ago
          from GigabitEthernet0/8
  Times:  hold 1, topology change 35, notification 2
          hello 2, max age 20, forward delay 15
  Timers: hello 0, topology change 0, notification 0, aging 0

 Port 1 (GigabitEthernet0/1) of VLAN1 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.1.
   Designated root has priority 32768, address 0001.42e2.cdca
   Designated bridge has priority 32768, address 0030.946c.d740
   Designated port id is 128.26, designated path cost 19
   Timers: message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 44, received 16139 

<output truncated> 

This is an example of output from the show spanning-tree brief command:

Switch# show spanning-tree brief

VLAN1
  Spanning tree enabled protocol ieee
  Root ID    Priority    32768
             Address     0001.42e2.cdca
             Cost        38
             Port        1 (GigabitEthernet0/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     0002.4b29.2e01
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 0

Interface                                   Designated
Name                 Port ID Prio Cost  Sts Cost  Bridge ID            Port ID
-------------------- ------- ---- ----- --- ----- -------------------- -------
GigabitEthernet0/1   128.1    128    19 FWD    19 32768 0030.946c.d740 128.26
GigabitEthernet0/6   128.6    128     4 FWD    38 32768 0002.4b29.2e01 128.6
GigabitEthernet0/7   128.7    128    19 FWD    38 32768 0002.4b29.2e01 128.7
GigabitEthernet0/8   128.8    128    19 FWD    38 32768 0002.4b29.2e01 128.8
GigabitEthernet0/10  128.10   128    19 FWD    38 32768 0002.4b29.2e01 128.10 

This is an example of output from the show spanning-tree interface gigabitethernet 0/1 command:

Switch# show spanning-tree interface gigabitethernet0/1
Port 1 (GigabitEthernet0/1) of VLAN1 is forwarding
   Port path cost 19, Port priority 128, Port Identifier 128.1.
   Designated root has priority 32768, address 0001.42e2.cdca
   Designated bridge has priority 32768, address 0030.946c.d740
   Designated port id is 128.26, designated path cost 19
   Timers: message age 2, forward delay 0, hold 0
   Number of transitions to forwarding state: 1
   BPDU: sent 44, received 16189 

This is an example of output from the show spanning-tree summary command:

Switch# show spanning-tree summary
Root bridge for: none.
Extended system ID is enabled
PortFast BPDU Guard is disabled
EtherChannel misconfiguration guard is enabled
UplinkFast is disabled
BackboneFast is disabled
Default pathcost method used is short 

Name                 Blocking Listening Learning Forwarding STP Active
-------------------- -------- --------- -------- ---------- ----------
VLAN1                13       0         0        1          14
VLAN2                1        0         0        1          2
VLAN3                1        0         0        1          2

<output truncated>

Related Commands

Command
Description

spanning-tree backbonefast

Enables the BackboneFast feature.

spanning-tree cost

Configures the path cost for STP calculations.

spanning-tree etherchannel guard misconfig

Enables the EtherChannel guard feature, and displays an error message when a loop caused by a channel misconfiguration is detected.

spanning-tree guard

Enables the root guard feature for all the VLANs associated with the interface.

spanning-tree extend system-id

Enables the extended system ID feature.

spanning-tree portfast

Enables the Port Fast feature on an interface and all its associated VLANs.

spanning-tree portfast bpduguard

Globally enables the Bridge Protocol Data Unit (BPDU) guard feature on the switch and shuts down Port Fast-configured interfaces.

spanning-tree port-priority

Configures an interface priority, which is used when two switches tie for position as the root switch.

spanning-tree uplinkfast

Accelerates the choice of a new root port when a link or switch fails or when STP reconfigures itself.

spanning-tree vlan

Configures STP on a per-VLAN basis.


show storm-control

Use the show storm-control privileged EXEC command to display broadcast, multicast, or unicast storm control settings on the switch or on the specified interface or to display storm-control history.

show storm-control [interface-id] [broadcast | multicast | unicast] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

(Optional) Interface ID for the physical port.

broadcast

(Optional) Display broadcast storm threshold setting.

multicast

(Optional) Display multicast storm threshold setting.

unicast

(Optional) Display unicast storm threshold setting.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

When you enter an interface-id, the storm control thresholds are displayed for the specified interface.

If you do not enter an interface-id, settings are displayed for one traffic type for all ports on the switch.

If you do not enter a traffic type, settings are displayed for broadcast storm control.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show storm-control command when no keywords are entered. Because no traffic type keyword was entered, the broadcast storm control settings are displayed.

Switch# show storm-control
Interface  Filter State   Level    Current
---------  -------------  -------  -------
Fa0/1      inactive       100.00%  N/A
Fa0/2      inactive       100.00%  N/A
Fa0/3      inactive       100.00%  N/A
Fa0/4      inactive       100.00%  N/A
Fa0/5      inactive       100.00%  N/A
Fa0/6      inactive       100.00%  N/A
Fa0/7     Forwarding      50.00%    0.00%
Fa0/8      inactive       100.00%  N/A

<output truncated>

This is an example of output from the show storm-control command for a specified interface. Because no traffic type keyword was entered, the broadcast storm control settings are displayed.

Switch# show storm-control fastethernet0/17
Interface  Filter State   Level    Current
---------  -------------  -------  -------
Fa0/17     Forwarding      50.00%    0.00%

This is an example of output from the show storm-control command for a specified interface and traffic type, where no storm control threshold has been set for that traffic type on the specified interface.

Switch# show storm-control fastethernet0/17 multicast
Interface  Filter State   Level    Current
---------  -------------  -------  -------
Fa0/17     inactive       100.00%  N/A
<output truncated>

Table 2-18 describes the fields in the show storm-control display.

Table 2-18 show storm-control Field Descriptions 

Field
Description

Interface

Displays the ID of the interface.

Filter State

Displays the status of the filter:

Blocking—Storm control is enabled and a storm has occurred.

Forwarding—Storm control is enabled and no storms have occurred.

Inactive—Storm control is disabled.

Level

Displays the threshold level set on the interface for broadcast traffic or the specified traffic type (broadcast, multicast, or unicast).

Current

Displays the bandwidth utilization of broadcast traffic or the specified traffic type (broadcast, multicast, or unicast) as a percentage of total available bandwidth. This field is only valid when storm control is enabled.


Related Commands

Command
Description

storm-control

Sets the broadcast, multicast, or unicast storm control levels for the switch.


show system mtu

Use the show system mtu privileged EXEC command to display the global maximum transmission unit (MTU) or maximum packet size set for the switch.

show system mtu [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If you have used the system mtu global configuration command to change the MTU setting, the new setting does not take effect until you reset the switch.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show system mtu command:

Switch# show system mtu
System MTU size is 1500 bytes

Related Commands

Command
Description

switchport unicast

Sets the maximum transmission unit (MTU) size for the switch.


show tcam

Use the show tcam privileged EXEC command to display information about the input security access control list (ACL) or output security ACL regions of the ternary content addressable memory (TCAM). Use the keywords to display information for a specific TCAM ID or specific characteristics.

show tcam {inacl | outacl} [tcam_id] {entries [tcam_id]} | {labels [tcam_id]} | {masks [tcam_id] | size | statistics [entries | hits | labels | masks]}[ | {begin | exclude | include} expression]

Syntax Description

inacl

Display information about the input security ACL TCAM portion.

outacl

Display information about the output security ACL TCAM portion.

tcam_id

(Optional) Display information for a specific TCAM ID. The range is 1-3 for Gigabit Ethernet switches and is always 1 for Fast Ethernet switches.

entries

Display one or all TCAM ACL entries and associated information. When all entries are displayed, the mask information is also displayed. This display output is a raw hex dump of information, intended for a Cisco technical support representative.

labels

Display entries and associated information for a feature manager label (see the show fm label command). This display output is a raw hex dump of information, intended for a Cisco technical support representative.

masks

Display mask information. This display output is a raw hex dump of information, intended for a Cisco technical support representative.

size

Display the size of the input or output ACL TCAM region.

statistics [entries | hits | labels | masks]

Display allocation statistics for the input or output ACL TCAM region.

(Optional) Display allocation statistics for entries, hits, labels, or masks.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

These displays provide information that might be useful for Cisco technical support representatives troubleshooting the switch.

Examples

This is an example of output from the show tcam inacl entries command:

Switch# show tcam inacl entries
Number of active labels: 1
Label Value :       0
Number of entries : 8
Entry List
----------
Mask Index : 117
FC FF FF 00 00 00 00 00 00 80 FF 00 01 00 00 00 00 00
Entry Index : 929  Timestamp: 88
90 08 06 00 00 00 00 00 00 80 00 00 01 00 00 00 00 00 As Data(hex) : 00260086
Mask Index : 118
FE FF FF 00 00 00 00 00 00 80 FF 00 00 00 00 00 00 00
Entry Index : 944  Timestamp: 176
92 08 06 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00 As Data(hex) : 00260086
Mask Index : 119
F6 00 00 00 00 00 00 00 00 80 FF 00 00 C0 00 FE 00 00
Entry Index : 945  Timestamp: 254
96 00 00 00 00 00 00 00 00 80 00 00 00 00 00 58 00 00 As Data(hex) : 00260086
Mask Index : 120
F6 00 00 00 00 00 00 00 00 80 FF 00 00 C0 00 FF 00 00
Entry Index : 960  Timestamp: 115
96 00 00 00 00 00 00 00 00 80 00 00 00 00 00 67 00 00 As Data(hex) : 00260086
Mask Index : 121
F7 00 00 00 00 00 00 00 00 80 FF 80 00 C0 00 00 FF FF
Mask Index : 122
F4 00 00 00 00 E0 00 00 00 80 FF 00 00 C0 00 FF 00 00
Entry Index : 976  Timestamp: 148
94 00 00 00 00 E0 00 00 00 80 00 00 00 00 00 09 00 00 As Data(hex) : 00260086
Mask Index : 123
F5 00 00 00 00 E0 00 00 00 80 FF 80 00 C0 00 00 FF FF
Entry Index : 977  Timestamp: 240
94 00 00 00 00 E0 00 00 00 80 00 00 00 40 00 00 02 08 As Data(hex) : 00260086

This is an example of output from the show tcam outacl masks command:

Switch# show tcam outacl masks
Number of active masks : 6
Mask Index : 0
F0 00 00 00 00 00 00 00 00 80 FF 00 00 00 00 00 00 00
Mask Index : 1
F0 00 00 00 00 00 00 00 00 80 FF 00 00 00 00 00 00 00
Mask Index : 124
F4 00 00 00 00 00 00 00 00 80 FF 00 00 00 00 00 00 00
Mask Index : 125
F4 00 00 00 00 00 00 00 00 80 FF 00 00 00 00 00 00 00
Mask Index : 126
F0 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00
Mask Index : 127
F0 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00 

This is an example of output from the show tcam inacl statistics command:

Switch# show tcam inacl statistics
Ingress ACL TCAM: Number of active labels: 1
Ingress ACL TCAM: Number of allocated masks: 13
Ingress ACL TCAM: Number of allocated entries: 28
                                                      

This is an example of output from the show tcam outacl size command:

Switch# show tcam outacl size
Egress ACL TCAM Size: 1024 Entries 

Related Commands

Command
Description

show fm interface

Displays per-interface feature-manager information. Used with the show fm label command to show which features were able to fit into the hardware.

show fm label

Displays feature-manager information for a specified label to list features associated with the label that were not able to fit into hardware.


show tcam qos

Use the show tcam qos privileged EXEC command to display about the quality of service (QoS) region of the specified ternary content addressable memory (TCAM). Use the keywords to display information for a specific TCAM ID or specific characteristics.

show tcam qos tcam_id {entries [tcam_id]} | {labels [tcam_id]} | {masks [tcam_id] | size | statistics [entries | hits | labels | masks]}[ | {begin | exclude | include} expression]

Syntax Description

tcam_id

Identify the TCAM ID for displaying QoS TCAM information. The range is 1-3 for Gigabit Ethernet switches and is always 1 for Fast Ethernet switches.

entries

Display one or all TCAM QoS entries and associated information. When all entries are displayed, the mask information is also displayed. This display output is a raw hex dump of information, intended for a Cisco technical support representative.

labels

Display entries and associated information for a QoS label. This display output is a raw hex dump of information, intended for a Cisco technical support representative.

masks

Display mask information. This display output is a raw hex dump of information, intended for a Cisco technical support representative.

size

Display the size of the QoS TCAM region.

statistics [entries | hits | labels | masks]

Display allocation statistics for the QoS TCAM region.

(Optional) Display allocation statistics for entries, hits, labels, or masks.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

These displays provide information that might be useful for Cisco technical support representatives troubleshooting the switch.

Examples

This is an example of output from the show tcam qos masks command for TCAM 2:

Switch# show tcam qos 2 masks
Number of active masks : 4
Mask Index : 252
F4 00 00 00 00 00 00 00 00 FF 00 00 00 00 00 00 00 00
Mask Index : 253
F4 00 00 00 00 00 00 00 00 FF 00 00 00 00 00 00 00 00
Mask Index : 254
F0 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00
Mask Index : 255
F0 00 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00

This is an example of output from the show tcam qos entries command for TCAM 1:

Switch# show tcam qos 1 entries
No active labels/entries

This is an example of output from the show tcam qos statistics command for TCAM 1:

Switch# show tcam qos 2 statistics
QoS TCAM #2: Number of active labels: 0
QoS TCAM#2: Number of allocated masks: 4
QoS TCAM#2: Number of allocated entries: 10                             

show udld

Use the show udld privileged EXEC command to display UniDirectional Link Detection (UDLD) administrative and operational status for all ports or the specified port.

show udld [interface-id] [ | {begin | exclude | include} expression]

Syntax Description

interface-id

(Optional) ID of the interface and port number. Valid interfaces include physical ports and VLANs. The VLAN range is 1 to 1001.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If you do not enter an interface-id, administrative and operational UDLD status for all interfaces are displayed.

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show udld gigabitethernet0/11 command. For this display, UDLD is enabled on both ends of the link, and UDLD detects that the link is bidirectional. Table 2-19 describes the fields in this display.

Switch# show udld gigabitethernet0/11
Interface gi0/11
---
Port enable administrative configuration setting: Follows device default
Port enable operational state: Enabled
Current bidirectional state: Bidirectional
Current operational state: Advertisement - Single Neighbor detected
Message interval: 60
Time out interval: 5
    Entry 1
    Expiration time: 146
    Device ID: 1
    Current neighbor state: Bidirectional
    Device name: 0050e2826000  
    Port ID: Gi0/12
    Neighbor echo 1 device: SAD03160954
    Neighbor echo 1 port: Gi0/11 
    Message interval: 5
    CDP Device name: 066527791 

Table 2-19 show udld Field Descriptions 

Field
Description

Interface

The interface on the local device configured for UDLD.

Port enable administrative configuration setting

How UDLD is configured on the port. If UDLD is enabled or disabled, the port enable configuration setting is the same as the operational enable state. Otherwise, the enable operational setting depends on the global enable setting.

Port enable operational state

Operational state that shows whether UDLD is actually running on this port.

Current bidirectional state

The bidirectional state of the link. An unknown state is displayed if the link is down or if it is connected to an UDLD-incapable device. A bidirectional state is displayed if the link is a normal two-way connection to a UDLD-capable device. All other values mean miswiring.

Current operational state

The current phase of the UDLD state machine. For a normal bidirectional link, the state machine is most often in the Advertisement phase.

Message interval

How often advertisement messages are sent from the local device. Measured in seconds.

Time out interval

The time period, in seconds, that UDLD waits for echoes from a neighbor device during the detection window.

Entry 1

Information from the first cache entry, which contains a copy of echo information received from the neighbor.

Expiration time

The amount of time in seconds remaining before this cache entry is aged out.

Device ID

The neighbor device identification.

Current neighbor state

The neighbor's current state. If both the local and neighbor devices are running UDLD normally, the neighbor state and local state should be bidirectional. If the link is down or the neighbor is not UDLD-capable, no cache entries are displayed.

Device name

The neighbor MAC address.

Port ID

The neighbor port ID enabled for UDLD.

Neighbor echo 1 device

The MAC address of the neighbors' neighbor from which the echo originated.

Neighbor echo 1 port

The port number ID of the neighbor from which the echo originated.

Message interval

The rate, in seconds, at which the neighbor is sending advertisement messages.

CDP device name

CDP name of the device.

Related Commands

Command
Description

udld (global configuration)

Enables aggressive or normal mode in UDLD or sets the configurable message timer time.

udld (interface configuration)

Enables UDLD on an individual interface or prevents a fiber-optic interface from being enabled by the udld global configuration command.

udld reset

Resets all interfaces shutdown by UDLD and permits traffic to begin passing through them again.


show version

Use the show version privileged EXEC command to display version information for the hardware and firmware.

show version [ | {begin | exclude | include} expression]

Syntax Description

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show version command:

Switch# show version
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(0.0.37)EA1, BETA TEST SOFTWARE
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Tue 09-Oct-01 06:27 by devgoyal
Image text-base: 0x00003000, data-base: 0x006191D0

ROM: Bootstrap program is C3550 boot loader

NMS-Perdido-12T-202 uptime is 2 weeks, 1 day, 14 hours, 29 minutes
System returned to ROM by power-on
System image file is "flash:c3550-i5q3l2-mz.121-0.0.37.EA1/c3550-i5q3l2-mz.121-0
.0.37.EA1.bin"

cisco WS-C3550-12T (PowerPC) processor with 65526K/8192K bytes of memory.
Last reset from warm-reset
Bridging software.
Running Layer2/3 Switching Image

Ethernet-controller 1 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 2 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 3 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 4 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 5 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 6 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 7 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 8 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 9 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 10 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 11 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

Ethernet-controller 12 has 1 Gigabit  Ethernet/IEEE 802.3 interfaces

12 Gigabit Ethernet/IEEE 802.3 interface(s)

The password-recovery mechanism is enabled.
32K bytes of flash-simulated nonvolatile configuration memory.
Base ethernet MAC Address: 00:02:4B:29:2E:00
Configuration register is 0x10F

show vlan

Use the show vlan privileged EXEC command to display the parameters for all configured VLANs or one VLAN (if the VLAN ID or name is specified) in the administrative domain.

show vlan [brief | id vlan-id | name vlan-name] [ | {begin | exclude | include} expression]

Syntax Description

brief

(Optional) Display one line for each VLAN with the VLAN name, status, and its ports

id vlan-id

(Optional) Display information about a single VLAN identified by VLAN ID number. Valid IDs are from 1 to 1005; do not enter leading zeros.

name vlan-name

(Optional) Display information about a single VLAN identified by VLAN name. The VLAN name is an ASCII string from 1 to 32 characters.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show vlan command:

Switch# show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1, Gi0/2, Gi0/3, Gi0/4
                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8
                                                Gi0/9, Gi0/10, Gi0/11, Gi0/12
1002 fddi-default                     active
1003 token-ring-default               active
1004 fddinet-default                  active
1005 trnet-default                    active

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003
1002 fddi  101002     1500  -      -      -        -    -        1      1003
1003 tr    101003     1500  1005   0      -        -    srb      1      1002
1004 fdnet 101004     1500  -      -      1        ibm  -        0      0
1005 trnet 101005     1500  -      -      1        ibm  -        0      0

This is an example of output from the show vlan brief command:

Switch# show vlan brief


VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1, Gi0/2, Gi0/3, Gi0/4
                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8
                                                Gi0/9, Gi0/10, Gi0/11, Gi0/12
1002 fddi-default                     active
1003 token-ring-default               active
1004 fddinet-default                  active
1005 trnet-default                    active

This is an example of output from the show vlan id 1 command. You would see the same output if you entered the show vlan name default command:

Switch# show vlan id 1

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/1, Gi0/2, Gi0/3, Gi0/4
                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8
                                                Gi0/9, Gi0/10, Gi0/11, Gi0/12

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        1002   1003 

Table 2-20 show vlan Command Output Fields 

Field
Description

VLAN

VLAN number.

Name

Name, if configured, of the VLAN.

Status

Status of the VLAN (active or suspend).

Ports

Ports that belong to the VLAN.

Type

Media type of the VLAN.

SAID

Security association ID value for the VLAN.

MTU

Maximum transmission unit size for the VLAN.

Parent

Parent VLAN, if one exists.

RingNo

Ring number for the VLAN, if applicable.

BrdgNo

Bridge number for the VLAN, if applicable.

Stp

Spanning Tree Protocol type used on the VLAN.

BrdgMode

Bridging mode for this VLAN—possible values are source-route bridging (SRB) and source-route transparent (SRT); the default is SRB.

Trans1

Translation bridge 1.

Trans2

Translation bridge 2.

AREHops

Maximum number of hops for All-Routes Explorer frames—possible values are 1 through 13; the default is 7.

STEHops

Maximum number of hops for Spanning-Tree Explorer frames—possible values are 1 through 13; the default is 7.

Backup CRF

Status of whether or not the Token Ring concentrator relay function (TrCRF) is a backup path for traffic.


Related Commands

Command
Description

switchport mode

Configures the VLAN membership mode of a port.

vlan

Configures VLAN characteristics.


show vlan access-map

Use the show vlan access-map privileged EXEC command to display information about a particular VLAN access map or all VLAN access maps.

show vlan access-map [mapname] [ | {begin | exclude | include} expression]

Syntax Description

mapname

(Optional) Name of a specific VLAN access map.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show vlan access-map command:

Switch# show vlan access-map
Vlan access-map "map_1" 10
  Match clauses:
     ip address: ip1
  Action:
     drop
Vlan access-map "map_1" 20
  Match clauses:
     mac address: mac1
  Action:
     forward
Vlan access-map "map_1" 30
  Match clauses:
  Action:
     drop

Related Commands

Command
Description

vlan access-map

Creates a VLAN map entry for VLAN packet filtering.

vlan filter

Applies a VLAN map to one or more VLANs.

show vlan filter

Displays information about all VLAN filters or about a particular VLAN or VLAN access map.


show vlan filter

Use the show vlan filter privileged EXEC command to display information about all VLAN filters or about a particular VLAN or VLAN access map.

show vlan filter [access-map name | vlan vlan-id] [ | {begin | exclude | include} expression]

Syntax Description

access-map name

(Optional) Display filtering information for the specified VLAN access map.

vlan vlan-id

(Optional) Display filtering information for the specified VLAN.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show vlan filter command:

Switch# show vlan filter 
VLAN Map map_1 is filtering VLANs:
  20-22

Related Commands

Command
Description

show vlan access-map

Displays information about a particular VLAN access map or all VLAN access maps.

vlan access-map

Creates a VLAN map entry for VLAN packet filtering.

vlan filter

Applies a VLAN map to one or more VLANs.


show vmps

Use the show vmps privileged EXEC command without keywords to display the VLAN Query Protocol (VQP) version, reconfirmation interval, retry count, VLAN Membership Policy Server (VMPS) IP addresses, and the current and primary servers, or use the statistics keyword to display client-side statistics.

show vmps [statistics] [ | {begin | exclude | include} expression]

Syntax Description

statistics

(Optional) Display VQP client-side statistics and counters.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show vmps command:

Switch# show vmps
VQP Client Status:
--------------------
VMPS VQP Version:   1
Reconfirm Interval: 60 min
Server Retry Count: 3
VMPS domain server:

Reconfirmation status
---------------------
VMPS Action:         other

This is an example of output from the show vmps statistics command. Table 2-21 describes each field in the display.

Switch# show vmps statistics
VMPS Client Statistics
----------------------
VQP  Queries:               0
VQP  Responses:             0
VMPS Changes:               0
VQP  Shutdowns:             0
VQP  Denied:                0
VQP  Wrong Domain:          0
VQP  Wrong Version:         0
VQP  Insufficient Resource: 0 

Table 2-21 show vmps statistics Field Descriptions 

Field
Description

VQP Queries

Number of queries sent by the client to the VMPS.

VQP Responses

Number of responses sent to the client from the VMPS.

VMPS Changes

Number of times that the VMPS changed from one server to another.

VQP Shutdowns

Number of times the VMPS sent a response to shut down the port. The client disables the port and removes all dynamic addresses on this port from the address table. You must administratively re-enable the port to restore connectivity.

VQP Denied

Number of times the VMPS denied the client request for security reasons. When the VMPS response denies an address, no frame is forwarded to or from the workstation with that address (broadcast or multicast frames are delivered to the workstation if the port has been assigned to a VLAN). The client keeps the denied address in the address table as a blocked address to prevent more queries from being sent to the VMPS for each new packet received from this workstation. The client ages the address if no new packets are received from this workstation on this port within the aging time period.

VQP Wrong Domain

Number of times the management domain in the request does not match the one for the VMPS. Any previous VLAN assignments of the port are not changed. This response means that the server and the client have not been configured with the same VTP management domain.

VQP Wrong Version

Number of times the version field in the query packet contains a value that is higher than the version supported by the VMPS. The VLAN assignment of the port is not changed. The switches send only VMPS version 1 requests.

VQP Insufficient Resource

Number of times the VMPS is unable to answer the request because of a resource availability problem. If the retry limit has not yet been reached, the client repeats the request with the same server or with the next alternate server, depending on whether the per-server retry count has been reached.


Related Commands

Command
Description

clear vmps statistics

Clears the statistics maintained by the VQP client.

vmps reconfirm (privileged EXEC)

Sends VQP queries to reconfirm all dynamic VLAN assignments with the VMPS.

vmps retry

Configures the per-server retry count for the VQP client.

vmps server

Configures the primary VMPS and up to three secondary servers.


show vtp

Use the show vtp privileged EXEC command to display general information about the VLAN Trunking Protocol (VTP) management domain, status, and counters.

show vtp {counters | status} [ | {begin | exclude | include} expression]

Syntax Description

counters

Display the VTP statistics for the switch.

status

Display general information about the VTP management domain status.

| begin

(Optional) Display begins with the line that matches the expression.

| exclude

(Optional) Display excludes lines that match the expression.

| include

(Optional) Display includes lines that match the specified expression.

expression

Expression in the output to use as a reference point.


Command Modes

Privileged EXEC

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Expressions are case sensitive. For example, if you enter | exclude output, the lines that contain output are not displayed, but the lines that contain Output are displayed.

Examples

This is an example of output from the show vtp counters command. Table 2-22 describes each field in the display.

Switch# show vtp counters

VTP statistics:
Summary advertisements received    : 38
Subset advertisements received     : 0
Request advertisements received    : 0
Summary advertisements transmitted : 13
Subset advertisements transmitted  : 3
Request advertisements transmitted : 0
Number of config revision errors   : 0
Number of config digest errors     : 0
Number of V1 summary errors        : 0

VTP pruning statistics:

Trunk            Join Transmitted Join Received    Summary advts received from
                                                   non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Fa0/9               827              824              0
Fa0/10              827              823              0 
Fa0/11              827              823              0

Table 2-22 show vtp counters Field Descriptions 

Field
Description

Summary advertisements received

Number of summary advertisements received by this switch on its trunk ports. Summary advertisements contain the management domain name, the configuration revision number, the update timestamp and identity, the authentication checksum, and the number of subset advertisements to follow.

Subset advertisements received

Number of subset advertisements received by this switch on its trunk ports. Subset advertisements contain all the information for one or more VLANs.

Request advertisements received

Number of advertisement requests received by this switch on its trunk ports. Advertisement requests normally request information on all VLANs. They can also request information on a subset of VLANs.

Summary advertisements transmitted

Number of summary advertisements sent by this switch on its trunk ports. Summary advertisements contain the management domain name, the configuration revision number, the update timestamp and identity, the authentication checksum, and the number of subset advertisements to follow.

Subset advertisements transmitted

Number of subset advertisements sent by this switch on its trunk ports. Subset advertisements contain all the information for one or more VLANs.

Request advertisements transmitted

Number of advertisement requests sent by this switch on its trunk ports. Advertisement requests normally request information on all VLANs. They can also request information on a subset of VLANs.

Number of configuration revision errors

Number of revision errors.

Whenever you define a new VLAN, delete an existing one, suspend or resume an existing VLAN, or modify the parameters on an existing VLAN, the configuration revision number of the switch increments.

Revision errors increment whenever the switch receives an advertisement whose revision number matches the revision number of the switch, but the MD5 digest values do not match. This error means that the VTP password in the two switches is different or that the switches have different configurations.

These errors means that the switch is filtering incoming advertisements, which causes the VTP database to become unsynchronized across the network.

Number of configuration digest errors

Number of MD5 digest errors.

Digest errors increment whenever the MD5 digest in the summary packet and the MD5 digest of the received advertisement calculated by the switch do not match. This error usually means that the VTP password in the two switches is different. To solve this problem, make sure the VTP password on all switches is the same.

These errors mean that the switch is filtering incoming advertisements, which causes the VTP database to become unsynchronized across the network.

Number of V1 summary errors

Number of version 1 errors.

Version 1 summary errors increment whenever a switch in VTP V2 mode receives a VTP version 1 frame. These errors mean that at least one neighboring switch is either running VTP version 1 or VTP version 2 with V2-mode disabled. To solve this problem, change the configuration of the switches in VTP V2-mode to disabled.

Join Transmitted

Number of VTP pruning messages sent on the trunk.

Join Received

Number of VTP pruning messages received on the trunk.

Summary Advts Received from non-pruning-capable device

Number of VTP summary messages received on the trunk from devices that do not support pruning.


This is an example of output from the show vtp status command. Table 2-23 describes each field in the display.

Switch# show vtp status

VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xBF 0x86 0x94 0x45 0xFC 0xDF 0xB5 0x70
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 172.20.135.196 on interface Vl1 (lowest numbered VLAN interface found) 

Table 2-23 show vtp status Field Descriptions 

Field
Description

VTP Version

Displays the VTP version operating on the switch. By default, the switch implements version 1 but can be set to version 2.

Configuration Revision

Current configuration revision number on this switch.

Maximum VLANs Supported Locally

Maximum number of VLANs supported locally.

Number of Existing VLANs

Number of existing VLANs.

VTP Operating Mode

Displays the VTP operating mode, which can be server, client, or transparent.

Server: a switch in VTP server mode is enabled for VTP and sends advertisements. You can configure VLANs on it. The switch guarantees that it can recover all the VLAN information in the current VTP database from nonvolatile RAM (NVRAM) after reboot. By default, every switch is a VTP server.

Note The switch automatically changes from VTP server mode to VTP client mode if it detects a failure while writing the configuration to NVRAM and cannot return to server mode until the NVRAM is functioning.

Client: a switch in VTP client mode is enabled for VTP, can send advertisements, but does not have enough nonvolatile storage to store VLAN configurations. You cannot configure VLANs on it. When a VTP client starts up, it does not send VTP advertisements until it receives advertisements to initialize its VLAN database.

Transparent: a switch in VTP transparent mode is disabled for VTP, does not send or learn from advertisements sent by other devices, and cannot affect VLAN configurations on other devices in the network. The switch receives VTP advertisements and forwards them on all trunk ports except the one on which the advertisement was received.

VTP Domain Name

Name that identifies the administrative domain for the switch.

VTP Pruning Mode

Displays whether pruning is enabled or disabled. Enabling pruning on a VTP server enables pruning for the entire management domain. Pruning restricts flooded traffic to those trunk links that the traffic must use to access the appropriate network devices.

VTP V2 Mode

Displays if VTP version 2 mode is enabled. All VTP version 2 switches operate in version 1 mode by default. Each VTP switch automatically detects the capabilities of all the other VTP devices. A network of VTP devices should be configured to version 2 only if all VTP switches in the network can operate in version 2 mode.

VTP Traps Generation

Displays whether VTP traps are sent to a network management station.

MD5 Digest

A 16-byte checksum of the VTP configuration.

Configuration Last Modified

Displays the date and time of the last configuration modification. Displays the IP address of the switch that caused the configuration change to the database.


Related Commands

Command
Description

clear vtp counters

Clears the VTP and pruning counters.

vtp (VLAN configuration)

Configures the VTP mode.


shutdown

Use the shutdown interface configuration command to disable an interface. Use the no form of this command to restart a disabled port or switch virtual interface (SVI).

shutdown

no shutdown

Syntax Description

This command has no arguments or keywords.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

The shutdown command for a port causes it to stop forwarding. You can enable the port with the no shutdown command.

The no shutdown command has no effect if the port is a static-access port assigned to a VLAN that has been deleted, suspended, or shut down. The port must first be a member of an active VLAN before it can be re-enabled.

The shutdown command disables all functions on the specified interface.

This command also marks the interface as unavailable. To see if an interface is disabled, use the show interfaces privileged EXEC command. An interface that has been shut down is shown as administratively down in the display.

Examples

These examples show how to disable and re-enable an interface:

Switch(config)# interface gigabitethernet0/2
Switch(config-if)# shutdown

Switch(config)# interface gigabitethernet0/2
Switch(config-if)# no shutdown

You can verify your settings by entering the show interfaces privileged EXEC command.

Related Commands

Command
Description

show interfaces

Displays the statistical information specific to all interfaces or to a specific interface.


shutdown vlan

Use the shutdown vlan global configuration command to shut down (suspend) local traffic on the specified VLAN. Use the no form of this command to restart local traffic on the VLAN.

shutdown vlan vlan-id

no shutdown vlan vlan-id

Syntax Description

vlan-id

ID of the VLAN to be locally shut down. Valid IDs are from 2 to 1001, excluding VLANs defined as default VLANs under the VLAN Trunking Protocol (VTP).
The default VLANs are 1 and 1002-1005. Do not enter leading zeros.


Defaults

No default is defined.

Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

The shutdown vlan command does not change the VLAN information in the VTP database. It shuts down traffic locally, but the switch still advertises VTP information.

Examples

This example shows how to shutdown traffic on VLAN 2:

Switch(config)# shutdown vlan 2

You can verify your setting by entering the show vlan privileged EXEC command.

Related Commands

Command
Description

abort

Abandons the proposed VLAN database and exits VLAN configuration mode.

apply

Implements the proposed new VLAN database, increments the database configuration revision number, propagates it throughout the administrative domain, and remains in VLAN database mode.

flowcontrol

Implements the proposed new VLAN database, increments the database configuration number, propagates it throughout the administrative domain, and returns to privileged EXEC mode.

reset

Abandons the proposed VLAN database and remains in VLAN configuration mode. Resets the proposed database to the currently implemented VLAN database on the switch.

vlan database

Enters VLAN configuration mode from the command-line interface (CLI).


snmp-server enable traps

Use the snmp-server enable traps global configuration command to enable the switch to send Simple Network Management Protocol (SNMP) notification for various trap types to the network management system (NMS). Use the no form of this command to return to the default setting.

snmp-server enable traps [cluster | config | entity | hsrp | mac-notification | rtr | snmp | vtp]

no snmp-server enable traps [cluster | config | entity | hsrp | mac-notification | rtr | snmp | vtp]

Syntax Description

cluster

(Optional) Enable cluster traps.

config

(Optional) Enable SNMP configuration traps.

entity

(Optional) Enable SNMP entity traps.

hsrp

(Optional) Enable Hot Standby Router Protocol (HSRP) traps.

mac-notification

(Optional) Enable MAC address notification traps.

rtr

(Optional) Enable SNMP Response Time Reporter traps.

snmp

(Optional) Enable SNMP traps.

vtp

(Optional) Enable VLAN Trunking Protocol (VTP) traps.


Defaults

The sending of SNMP traps is disabled.

Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.

12.1(8)EA1

The mac-notification keyword was added.


Usage Guidelines

Though visible in the command-line help string, the hsrp keyword takes affect only when the enhanced multilayer software image (EMI) is installed. All Catalyst 3550 Gigabit Ethernet switches ship with the EMI installed. Catalyst 3550 Fast Ethernet switches can be shipped with either the standard multilayer software image (SMI) or EMI pre-installed. You can order the Enhanced Multilayer Software Image Upgrade kit to upgrade Catalyst 3550 Fast Ethernet switches from the SMI to the EMI.

Specify the host (NMS) that receives the traps by using the snmp-server host global configuration command. If no trap types are specified, all trap types are sent.

Examples

This example shows how to send VTP traps to the NMS:

Switch(config)# snmp-server enable traps vtp

You can verify your setting by entering the show vtp status privileged EXEC or the show running-config privileged EXEC command.

Related Commands

Command
Description

show running-config

Displays the running configuration on the switch. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.

snmp-server host

Specifies the host that receives SNMP traps.


snmp-server host

Use the snmp-server host global configuration command to specify the recipient (host) of a Simple Network Management Protocol (SNMP) notification operation. Use the no form of this command to remove the specified host.

snmp-server host host-addr {informs | traps} {version {1 | 2c}} community-string [cluster | config | entity | hsrp | mac-notification | rtr | snmp | tty | udp-port | vtp]

no snmp-server host host-addr {informs | traps} {version {1 | 2c}} community-string [cluster | config | entity | hsrp | mac-notification | rtr | snmp | tty | udp-port | vtp]

Syntax Description

host-addr

Name or Internet address of the host (the targeted recipient).

informs | traps

Send SNMP traps or informs to this host.

version 1 | 2c

Version of the Simple Network Management Protocol (SNMP) used to send the traps.

These keywords are supported:

1—SNMPv1. This option is not available with informs.

2c—SNMPv2C.

community-string

Password-like community string sent with the notification operation. Though you can set this string by using the snmp-server host command, we recommend you define this string by using the snmp-server community global configuration command before using the snmp-server host command.

cluster

(Optional) Send cluster member status traps.

config

(Optional) Send SNMP configuration traps.

entity

(Optional) Send SNMP entity traps.

hsrp

(Optional) Send Hot Standby Router Protocol (HSRP) traps.

mac-notification

(Optional) Send MAC notification traps.

rtr

(Optional) Send SNMP Response Time Reporter traps.

snmp

(Optional) Send SNMP-type traps.

tty

(Optional) Send Transmission Control Protocol (TCP) connection traps.

udp-port

(Optional) Send notification host's User Datagram Protocol (UDP) port number.

vtp

(Optional) Enable VLAN Trunking Protocol (VTP) traps.



Note Though visible in the command-line help string, the version 3 keyword (SNMPv3) is not supported.


Defaults

This command is disabled by default. No notifications are sent.

If you enter this command with no keywords, the default is to send all trap types to the host. No informs are sent to this host.

If no version keyword is present, the default is version 1.

Though visible in the command-line help string, the hsrp keyword takes affect only when the enhanced multilayer software image (EMI) is installed. All Catalyst 3550 Gigabit Ethernet switches ship with the EMI installed. Catalyst 3550 Fast Ethernet switches can be shipped with either the standard multilayer software image (SMI) or EMI pre-installed. You can order the Enhanced Multilayer Software Image Upgrade kit to upgrade Catalyst 3550 Fast Ethernet switches from the SMI to the EMI.


Note If the community-string is not defined by using the snmp-server community global configuration command before using this command, the default form of the snmp-server community command is automatically inserted into the configuration. The password (community-string) used for this automatic configuration of the snmp-server community will be the same as that specified in the snmp-server host command.


Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.

12.1(8)EA1

The mac-notification keyword was added.


Usage Guidelines

SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the receiver does not send acknowledgments when it receives traps. The sender cannot determine if the traps were received. However, an SNMP entity that receives an inform request acknowledges the message with an SNMP response PDU. If the sender never receives the response, the inform request can be sent again. Thus, informs are more likely to reach their intended destinations.

However, informs consume more resources in the agent and in the network. Unlike a trap, which is discarded as soon as it is sent, an inform request must be held in memory until a response is received or the request times out. Traps are also sent only once, but an inform might be retried several times. The retries increase traffic and contribute to a higher overhead on the network.

If you do not enter an snmp-server host command, no notifications are sent. To configure the switch to send SNMP notifications, you must enter at least one snmp-server host command. If you enter the command with no keywords, all trap types are enabled for the host. To enable multiple hosts, you must issue a separate snmp-server host command for each host. You can specify multiple notification types in the command for each host.

When multiple snmp-server host commands are given for the same host and kind of notification (trap or inform), each succeeding command overwrites the previous command. Only the last snmp-server host command is in effect. For example, if you enter an snmp-server host inform command for a host and then enter another snmp-server host inform command for the same host, the second command replaces the first.

The snmp-server host command is used with the snmp-server enable traps global configuration command. Use the snmp-server enable traps command to specify which SNMP notifications are sent globally. For a host to receive most notifications, at least one snmp-server enable traps command and the snmp-server host command for that host must be enabled. Some notification types cannot be controlled with the snmp-server enable traps command. For example, some notification types are always enabled. Other notification types are enabled by a different command.

The no snmp-server host command with no keywords disables traps, but not informs, to the host. To disable informs, use the no snmp-server host informs command.

Examples

This example shows how to configure a unique SNMP community string named comaccess for traps and prevent SNMP polling access with this string through access-list 10:

Switch(config)# snmp-server community comaccess ro 10
Switch(config)# snmp-server host 172.20.2.160 comaccess
Switch(config)# access-list 10 deny any

This example shows how to send the SNMP traps to the host specified by the name myhost.cisco.com. The community string is defined as comaccess:

Switch(config)# snmp-server enable traps
Switch(config)# snmp-server host myhost.cisco.com comaccess snmp 

This example shows how to enable the switch to send all traps to the host myhost.cisco.com using the community string public:

Switch(config)# snmp-server enable traps
Switch(config)# snmp-server host myhost.cisco.com public

You can verify your settings by entering the show running-config privileged EXEC command.

Related Commands

Command
Description

show running-config

Displays the running configuration on the switch. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.

snmp-server enable traps

Enables SNMP notification for various trap types.


snmp trap mac-notification

Use the snmp trap mac-notification interface configuration command to enable the Simple Network Management Protocol (SNMP) MAC address notification trap on a specific interface. Use the no form of this command to return to the default setting.

snmp trap mac-notification {added | removed}

no snmp trap mac-notification {added | removed}

Syntax Description

added

Enable the MAC notification trap whenever a MAC address is added on this interface.

removed

Enable the MAC notification trap whenever a MAC address is removed from this interface.


Defaults

By default, the traps for both address addition and address removal are disabled.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

Even though you enable the notification trap for a specific interface by using the snmp trap mac-notification command, the trap is generated only when you enable the snmp-server enable traps mac-notification and the mac-address-table notification global configuration commands.

Examples

This example shows how to enable the MAC notification trap when a MAC address is added to Fast Ethernet interface 0/4:

Switch(config)# interface fastethernet0/4
Switch(config-if)# snmp trap mac-notification added

You can verify your settings by entering the show mac-address-table notification interface privileged EXEC command.

Related Commands

Command
Description

mac-address-table notification

Enables the MAC address notification feature.

show mac-address-table notification

Displays the MAC address notification settings for all interfaces or on the specified interface when the interface keyword is appended.

snmp-server enable traps

Sends the SNMP MAC notification traps when the mac-notification keyword is appended.


spanning-tree backbonefast

Use the spanning-tree backbonefast global configuration command to enable the BackboneFast feature. Use the no form of the command to return to the default setting.

spanning-tree backbonefast

no spanning-tree backbonefast

Syntax Description

This command has no arguments or keywords.

Defaults

BackboneFast is disabled.

Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

BackboneFast is started when a root port or blocked port on a switch receives inferior bridge protocol data units (BPDUs) from its designated bridge. An inferior BPDU identifies one switch as both the root bridge and the designated bridge. When a switch receives an inferior BPDU, it means that a link to which the switch is not directly connected (an indirect link) has failed (that is, the designated bridge has lost its connection to the root switch). If there are alternate paths to the root switch, BackboneFast causes the maximum aging time on the ports on which it received the inferior BPDU to expire and allows a blocked port to move immediately to the listening state. BackboneFast then transitions the interface to the forwarding state. For more information, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide.

Enable BackboneFast on all the Catalyst 3550 switches to allow the detection of indirect link failures and to start the spanning-tree reconfiguration sooner.

Examples

This example shows how to enable BackboneFast on the switch:

Switch(config)# spanning-tree backbonefast

You can verify your setting by entering the show spanning-tree privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.


spanning-tree cost

Use the spanning-tree cost interface configuration command to set the path cost for Spanning Tree Protocol (STP) calculations. If a loop occurs, spanning tree considers the path cost when selecting an interface to place into the forwarding state. Use the no form of this command to return to the default setting.

spanning-tree [vlan vlan-id] cost cost

no spanning-tree [vlan vlan-id] cost

Syntax Description

vlan vlan-id

(Optional) VLAN ID associated with a spanning-tree instance. The range is 1 to 1005. Do not enter leading zeros.

cost

Path cost can range from 1 to 200000000 (for a physical port) or 1 to 65535 (for a VLAN), with higher values meaning higher costs.


Defaults

The default path cost is computed from the interface bandwidth setting. These are the IEEE default path cost values:

1000 Mbps—4

100 Mbps—19

10 Mbps—100

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

When you configure the cost, higher values represent higher costs.

Examples

This example shows how to set a path cost of 250 on an interface (an access port):

Switch(config)# interface gigabitethernet0/4
Switch(config-if)# spanning-tree cost 250

This example shows how to set a path cost of 300 for VLAN 10 on an interface that is a trunk port:

Switch(config-if)# spanning-tree vlan 10 cost 300

You can verify your settings by entering the show spanning-tree privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.

spanning-tree portfast

Enables the Port Fast feature on an interface in all its associated VLANs.

spanning-tree vlan priority

Configures the switch priority for the specified spanning-tree instance.


spanning-tree etherchannel guard misconfig

Use the spanning-tree etherchannel guard misconfig global configuration command to enable the EtherChannel guard feature and to display an error message when a loop caused by a channel misconfiguration is detected. Use the no form of this command to disable this feature.

spanning-tree etherchannel guard misconfig

no spanning-tree etherchannel guard misconfig

Syntax Description

This command has no arguments or keywords.

Defaults

The spanning-tree EtherChannel guard misconfiguration feature is enabled.

Command Modes

Global configuration

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

To determine which local ports are involved in the misconfiguration, enter the show interfaces status err-disabled privileged EXEC command. To check the EtherChannel configuration on the remote device, enter the show etherchannel summary privileged EXEC command on the remote device.

After you correct the configuration, enter the shutdown and the no shutdown interface configuration commands on the associated port-channel interface.

Examples

This example shows how to disable the EtherChannel guard misconfiguration feature:

Switch(config)# no spanning-tree etherchannel guard misconfig

You can verify your setting by entering the show spanning-tree summary privileged EXEC command.

Related Commands

Command
Description

show spanning-tree summary

Displays spanning-tree information for the specified spanning-tree instances.


spanning-tree extend system-id

Use the spanning-tree extend system-id global configuration command to enable the extended system ID feature.

spanning-tree extend system-id


Note Though visible in the command-line help strings, the no version of this command is not supported. You cannot disable the extended system ID feature.


Syntax Description

This command has no arguments or keywords.

Defaults

The feature is enabled.

Command Modes

Global configuration

Command History

Release
Modification

12.1(8)EA1

This command was first introduced.


Usage Guidelines

In Release 12.1(8)EA1 and later, Catalyst 3550 switches support the 802.1T spanning-tree extensions, and some of the bits previously used for the switch priority are now used for the extended system ID (VLAN identifier). In earlier releases, the switch priority is a 16-bit value.

The Spanning Tree Protocol (STP) uses the extended system ID, the switch priority, and the allocated STP MAC address to make the bridge ID unique for each VLAN. With earlier releases, STP uses one MAC address per VLAN to make the bridge ID unique for each VLAN.

Support for the extended system ID affects how you manually configure the root switch, the secondary root switch, and the switch priority of a VLAN. For more information, see the spanning-tree vlan section.

If your network consists switches that do not support the extended system ID and switches that do support it, it is unlikely that the switch with the extended system ID support will become the root switch. The extended system ID increases the switch priority value every time the VLAN number is greater than the priority of the connected switches that are running older software.

Related Commands

Command
Description

show spanning-tree summary

Displays spanning-tree information for the specified spanning-tree instances.

spanning-tree vlan

Configures STP on a per-VLAN basis.


spanning-tree guard

Use the spanning-tree guard interface configuration command to enable the root guard feature for all the VLANs associated with the selected interface. Root guard restricts which interface is allowed to be the Spanning Tree Protocol (STP) root port or the path-to-the root for the switch. The root port provides the best path from the switch to the root switch. Use the no form of this command to return to the default setting.

spanning-tree guard {root | none}

no spanning-tree guard

Syntax Description

root

Enable the root guard feature.

none

Disable the root guard feature.


Defaults

The root guard feature is disabled.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

When the root guard feature is enabled, if spanning-tree calculations cause a port to be selected as the root port, the port transitions to the root-inconsistent (blocked) state to prevent the customer's switch from becoming the root switch or being in the path to the root.

When the no spanning-tree guard or the no spanning-tree guard none command is executed, the root guard feature is disabled for all VLANs on the selected interface. If this interface is in the root-inconsistent (blocked) state, it automatically transitions to the listening state.

Do not enable the root guard on interfaces that will be used by the UplinkFast feature. With UplinkFast, the backup interfaces (in the blocked state) replace the root port in the case of a failure. However, if root guard is also enabled, all the backup interfaces used by the UplinkFast feature are placed in the root-inconsistent state (blocked) and prevented from reaching the forwarding state.

Examples

This example shows how to enable the root guard feature on all the VLANs associated with the specified interface:

Switch(config)# interface gigabitethernet0/3
Switch(config-if)# spanning-tree guard root

You can verify your settings by entering the show running-config privileged EXEC command.

Related Commands

Command
Description

show running-config

Displays the current operating configuration. For syntax information, select Cisco IOS Configuration Fundamentals Command Reference for Release 12.1 > Cisco IOS File Management Commands > Configuration File Commands.

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.

spanning-tree cost

Sets the path cost for STP calculations. If a loop occurs, spanning tree considers the path cost when selecting an interface to place into the forwarding state.

spanning-tree port-priority

Sets an interface priority, which is used when two switches tie for position as the root switch.

spanning-tree vlan priority

Sets the switch priority for the specified spanning-tree instance and affects the likelihood that the switch is selected as the root switch.


spanning-tree port-priority

Use the spanning-tree port-priority interface configuration command to configure an interface priority, which is used when two switches tie for position as the root switch. Use the no form of this command to return to the default setting.

spanning-tree [vlan vlan-id] port-priority priority

no spanning-tree [vlan vlan-id] port-priority

Syntax Description

vlan vlan-id

(Optional) VLAN ID associated with a spanning-tree instance. The range is 1 to 1005. Do not enter leading zeros.

priority

Number from 0 to 255. The lower the number, the higher the priority.


Defaults

The default port-priority is 128.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

If the variable vlan-id is omitted, the command applies to the spanning-tree instance associated with VLAN 1.

You can set the priority on a VLAN that has no interfaces assigned to it. The setting takes effect when you assign the interface to the VLAN.

Examples

This example shows how to increase the likelihood that the spanning-tree instance 20 is chosen as the root switch on the specified interface:

Switch(config)# interface gigabitethernet0/2
Switch(config-if)# spanning-tree vlan 20 port-priority 0

You can verify your settings by entering the show spanning-tree privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.


spanning-tree portfast

Use the spanning-tree portfast interface configuration command to enable the Port Fast feature on an interface in all its associated VLANs. When the Port Fast feature is enabled, the interface changes directly from a blocking state to a forwarding state without making the intermediate Spanning Tree Protocol (STP) state changes. Use the no form of this command to return to the default setting.

spanning-tree portfast

no spanning-tree portfast

Syntax Description

This command has no arguments or keywords.

Defaults

The Port Fast feature is disabled on all interfaces; however, it is automatically enabled on dynamic-access ports.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Use this feature only on interfaces that connect to end stations; otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operation.

This feature affects all VLANs on the interface.

A port with the Port Fast feature enabled is moved directly to the spanning-tree forwarding state without waiting the standard forward-time delay.

Examples

This example shows how to enable the Port Fast feature on an interface:

Switch(config)# interface gigabitethernet0/2
Switch(config-if)# spanning-tree portfast

You can verify your settings by entering the show running-config privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.

spanning-tree port-priority

Configures an interface priority, which is used when two switches tie for position as the root switch.

spanning-tree portfast bpduguard

Enables the Bridge Protocol Data Unit (BPDU) guard feature on the switch on Port Fast-configured interfaces.


spanning-tree portfast bpduguard

Use the spanning-tree portfast bpduguard global configuration command to globally enable the Bridge Protocol Data Unit (BPDU) guard feature on the switch. It shuts down Port Fast-configured interfaces that receive BPDUs rather than putting them into the spanning-tree blocking state. Use the no form of this command to return to the default setting.

spanning-tree portfast bpduguard

no spanning-tree portfast bpduguard

Syntax Description

This command has no arguments or keywords.

Defaults

The BPDU guard feature is disabled on the switch.

Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

The BPDU guard feature works on interfaces that have the Port Fast feature enabled on them. Port Fast should be configured only on interfaces that connect to end stations; otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operation. An interface with Port Fast mode enabled is moved directly to the spanning-tree forwarding state when linkup occurs, without waiting for the standard forward-time delay.

In a valid configuration, Port Fast-configured interfaces do not receive BPDUs. Receiving a BPDU on a Port Fast-configured interface signals an invalid configuration, such as the connection of an unauthorized device. If a BPDU is received on a Port-Fast configured interface, the BPDU guard feature places the interface into the ErrDisable state. The BPDU guard feature provides a secure response to invalid configurations because you must manually put the interface back in service.

Examples

This example shows how to enable the BPDU guard feature:

Switch(config)# spanning-tree portfast bpduguard

You can verify your setting by entering the show running-config privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.

spanning-tree portfast

Enables the Port Fast feature on an interface in all its associated VLANs.


spanning-tree stack-port

Use the spanning-tree stack-port interface configuration command to enable cross-stack UplinkFast (CSUF) on an interface and to accelerate the choice of a new root port when a link or switch fails or when Spanning Tree Protocol (STP) reconfigures itself. Use the no form of this command to return to the default setting.

spanning-tree stack-port

no spanning-tree stack-port

Syntax Description

This command has no arguments or keywords.

Defaults

CSUF is disabled on all interfaces.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

This command is effective only if you enable the UplinkFast feature by using the spanning-tree uplinkfast global configuration command.

Use this command only on access switches.

You can enable CSUF only on one stack-port Gigabit Interface Converter (GBIC) interface. The stack port connects to the GigaStack GBIC multidrop backbone. If you try to enable CSUF on a Fast Ethernet or a copper-based Gigabit Ethernet port, you receive an error message.

If CSUF is already enabled on an interface and you try to enable it on another interface, you receive an error message. You must disable CSUF on the first interface before enabling it on a new interface.

Examples

This example shows how to enable CSUF on the GBIC interface:

Switch(config)# interface gigabitethernet0/11
Switch(config-if)# spanning-tree stack-port 

You can verify your settings by entering the show spanning-tree privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.


spanning-tree uplinkfast

Use the spanning-tree uplinkfast global configuration command to accelerate the choice of a new root port when a link or switch fails or when Spanning Tree Protocol (STP) reconfigures itself. Use the no form of this command to return to the default setting.

spanning-tree uplinkfast [max-update-rate pkts-per-second]

no spanning-tree uplinkfast [max-update-rate]

Syntax Description

max-update-rate pkts-per-second

(Optional) The number of packets per second at which update packets are sent. The range is 0 to 65535.


Defaults

UplinkFast is disabled.

The update rate is 150 packets per second.

Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

Use this command only on access switches.

When you enable UplinkFast, it is enabled for the entire switch and cannot be enabled for individual VLANs.

UplinkFast increases the switch priority to 49152 and adds 3000 to the STP path cost only if the port used the default path cost before enabling UplinkFast. If you changed the path cost before enabling UplinkFast, this value is not changed after enabling UplinkFast.

This changes to the switch priority and path cost reduces the chance that the switch will become the root switch. When spanning tree detects that the root port has failed, UplinkFast immediately switches over to an alternate root port, changing the new root port directly to FORWARDING state. During this time, a topology change notification is sent.

Do not enable the root guard on interfaces that will be used by the UplinkFast feature. With UplinkFast, the backup interfaces (in the blocked state) replace the root port in the case of a failure. However, if root guard is also enabled, all the backup interfaces used by the UplinkFast feature are placed in the root-inconsistent state (blocked) and prevented from reaching the forwarding state.

If you set the max-update-rate to 0, station-learning frames are not generated, so the STP topology converges more slowly after a loss of connectivity.

Examples

This example shows how to enable UplinkFast:

Switch(config)# spanning-tree uplinkfast 

You can verify your setting by entering the show spanning-tree privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.

spanning-tree vlan root primary

Forces this switch to be the root switch.


spanning-tree vlan

Use the spanning-tree vlan global configuration command to configure Spanning Tree Protocol (STP) on a per-VLAN basis. Use the no form of this command to return to the default setting.

spanning-tree vlan vlan-id {forward-time seconds | hello-time seconds | max-age seconds |
priority priority | {root {primary | secondary} [diameter net-diameter
[hello-time seconds]]}}

no spanning-tree vlan vlan-id [forward-time | hello-time | max-age | priority | root]

Syntax Description

vlan-id

VLAN ID associated with a spanning-tree instance. The range is 1 to 1005. Do not enter leading zeros.

forward-time seconds

Set the forward-delay time for the specified spanning-tree instance. The forwarding time determines how long each of the listening and learning states last before the interface begins forwarding. The range is 4 to 30 seconds.

hello-time seconds

Set the interval between hello Bridge Protocol Data Units (BPDUs) sent by the root switch configuration messages. The range is 1 to 10 seconds.

max-age seconds

Set the interval between messages the spanning tree receives from the root switch. If a switch does not receive a BPDU message from the root switch within this interval, it recomputes the STP topology. The range is 6 to 40 seconds.

priority priority

Set the switch priority for the specified spanning-tree instance. This setting affects the likelihood that the switch is selected as the root switch.

The range is 0 to 61440 in increments of 4096. Valid priority values are 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, and 61440. All other values are rejected.

root primary

Force this switch to be the root switch.

root secondary

Set this switch to be the root switch should the primary root switch fail.

diameter net-diameter

Set the maximum number of switches between any two end stations. The range is 2 to 7.


Defaults

Spanning tree is enabled on all VLANs.

The forward-delay time is 15 seconds.

The hello time is 2 seconds.

The max-age is 20 seconds.

The switch priority is 32768.

No STP root switch is configured.

Command Modes

Global configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.

12.1(8)EA1

The range of value for priority priority changed from 1 to 65535 to 1 to 61440 (in increments of 4096).


Usage Guidelines

Disabling STP causes the VLAN to stop participating in STP. Interfaces that are administratively down remain down. Received Bridge Protocol Data Units (BPDUs) are forwarded like other multicast frames. The VLAN does not detect and prevent loops when STP is disabled.

You can disable STP on a VLAN that is not currently active and verify the change by using the show running-config or the show spanning-tree vlan vlan-id privileged EXEC command. The setting takes effect when the VLAN is activated.

When disabling or re-enabling STP, you must specify each VLAN you want to disable or enable on a single command line.

When an STP VLAN is disabled and then enabled, all assigned VLANs continue to be its members. However, all spanning-tree bridge parameters are returned to their previous settings (the last setting before the STP VLAN was disabled).

You can enable STP and any of its options on a VLAN that has no interfaces assigned to it. The setting takes effect when you assign interfaces to it.

When setting the max-age seconds, if a switch does not receive BPDUs from the root switch within the specified interval, it recomputes the spanning-tree topology. The max-age setting must be greater than the hello-time setting.

The spanning-tree vlan vlan-id root command should be used only on backbone switches.

When you enter the spanning-tree vlan vlan-id root command, the software checks the switch priority of the current root switch for each VLAN. Because of the extended system ID support, the switch sets the switch priority for the specified VLAN to 24576 if this value will cause this switch to become the root for the specified VLAN.

When you enter the spanning-tree vlan vlan-id root secondary command, because of support for the extended system ID, the software alters this switch's switch priority from the default value (32768) to 28672. If the root switch should fail, this switch becomes the next root switch (if the other switches in the network use the default switch priority of 32768, and therefore, are unlikely to become the root switch).

Examples

This example shows how to disable STP on VLAN 5:

Switch(config)# no spanning-tree vlan 5

You can verify your setting by entering the show spanning-tree privileged EXEC command. In this instance, VLAN 5 does not appear in the list.

This example shows how to set the spanning-tree forwarding time to 18 seconds for VLAN 20:

Switch(config)# spanning-tree vlan 20 forward-time 18

This example shows how to set the spanning-tree hello-delay time to 3 seconds for VLAN 20:

Switch(config)# spanning-tree vlan 20 hello-time 3

This example shows how to set spanning-tree max-age to 30 seconds for VLAN 20:

Switch(config)# spanning-tree vlan 20 max-age 30

This example shows how to reset the max-age parameter to the default value for spanning-tree instance 100:

Switch(config)# no spanning-tree vlan 100 max-age

This example shows how to set the spanning-tree priority to 125 for VLAN 20:

Switch(config)# spanning-tree vlan 20 priority 125

This example shows how to configure the switch as the root switch for VLAN 10 with a network diameter of 4:

Switch(config)# spanning-tree vlan 10 root primary diameter 4

This example shows how to configure the switch as the secondary root switch for VLAN 10 with a network diameter of 4:

Switch(config)# spanning-tree vlan 10 root secondary diameter 4 

You can verify your settings by entering the show spanning-tree privileged EXEC command.

Related Commands

Command
Description

show spanning-tree

Displays spanning-tree information for the specified spanning-tree instances.

spanning-tree cost

Sets the path cost for STP calculations.

spanning-tree guard

Enables the root guard feature for all the VLANs associated with the selected interface.

spanning-tree port-priority

Sets an interface priority, which is used when two switches tie for the position of the root switch.

spanning-tree portfast

Enables the Port Fast feature on an interface in all its associated VLANs.

spanning-tree uplinkfast

Enables the UplinkFast feature, which accelerates the choice of a new root port.


speed

Use the speed interface configuration command to specify the speed of a 10/100 Mbps or 10/100/1000 Mbps port. Use the no or default form of this command to return the port to its default value.

speed {10 | 100 | 1000 | auto | nonegotiate}

no speed


Note You cannot configure speed or duplex mode on Gigabit Interface Converter (GBIC) ports, but for certain types of GBICs, you can configure speed to not negotiate (nonegotiate) if connected to a device that does not support autonegotiation.


Syntax Description

10

Port runs at 10 Mbps.

100

Port runs at 100 Mbps.

1000

Port runs at 1000 Mbps. This option is valid and visible only on Gigabit Ethernet (Tx) ports.

auto

Port automatically detects the speed it should run at based on the port at the other end of the link.

nonegotiate

Autonegotiation is disabled and the port runs at 1000 Mbps. This option is valid and visible only on 1000BASE-SX, -LX, and -ZX GBIC ports. Gigastack GBICs and 1000BASE-T GBICs do not support disabling of autonegotiation.


Defaults

The default is auto.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.

12.1(6)EA1

The 1000 and nonegotiate keywords were added.


Usage Guidelines

You can configure Fast Ethernet port speed to either 10 or 100 Mbps. You can configure Gigabit Ethernet port speed to 10, 100, or 1000 Mbps. You cannot configure speed on Gigabit Interface Converter (GBIC) interfaces, but for 1000BASE-SX, -LX, or -ZX GBICs, you can configure speed to not negotiate (nonegotiate) if connected to a device that does not support autonegotiation.

If the speed is set to auto, the switch negotiates with the device at the other end of the link for the speed setting and then forces the speed setting to the negotiated value. The duplex setting remains as configured on each end of the link, which could result in a duplex setting mismatch.

If both ends of the line support autonegotiation, we highly recommend the default autonegotiation settings. If one interface supports autonegotiation and the other end does not, configure duplex and speed on both interfaces; do use the auto setting on the supported side.

If both the speed and duplex are set to specific values, autonegotiation is disabled.


Caution Changing the interface speed and duplex mode configuration might shut down and re-enable the interface during the reconfiguration.


Note For guidelines on setting the switch speed and duplex parameters, refer to the Catalyst 3550 Multilayer Switch Software Configuration Guide for this release.


Examples

This example shows how to set the specified interface to 100 Mbps:

Switch(config)# interface gigabitethernet0/1
Switch(config-if)# speed 100

You can verify your settings by entering the show interfaces privileged EXEC command.

Related Commands

Command
Description

duplex

Specifies the duplex mode of operation for Fast Ethernet and Gigabit Ethernet ports.

show interfaces

Displays the statistical information specific to all interfaces or to a specific interface


standby mac-address

Use the standby mac-address interface configuration command to specify the virtual MAC address for the virtual router. Use the no form of this command to remove the assigned MAC address.

standby [group-number] mac-address macaddress

no standby [group-number] mac-address macaddress

This command is available only if the enhanced multilayer software image (EMI) is installed. All Catalyst 3550 Gigabit Ethernet switches ship with the EMI installed. Catalyst 3550 Fast Ethernet switches can be shipped with either the standard multilayer software image (SMI) or EMI pre-installed. You can order the Enhanced Multilayer Software Image Upgrade kit to upgrade Catalyst 3550 Fast Ethernet switches from the SMI to the EMI.


Note For best operation, we recommend that you do not configure a virtual MAC address on the switch interfaces, but use the default well-known virtual MAC address.


Syntax Description

group-number

(Optional) Group number on the interface for which the virtual MAC address is being set. The default is 0.

macaddress

The MAC address for the virtual router. For proper operation, the first five bytes of all MAC addresses used for Hot Standby Router Protocol (HSRP) should be the same. The last byte is the group number. When no MAC address is configured, the default well-known MAC address is used (recommended).


Defaults

The default group number is 0.

The default macaddress (recommended) is the well-known MAC address
0x00 0x00 0x0C 0x07 0xAC XX, where XX represents the group HSRP number.

Command Modes

Interface configuration

Command History

Release
Modification

12.1(4)EA1

This command was first introduced.


Usage Guidelines

For best use of hardware, we recommend using the default well-known MAC address. If you do configure a virtual MAC address, the first five bytes of all MAC addresses used for HSRP should be the same. The last byte represents the HSRP group.

Related Commands

Command
Description

standby authentication

Configures an authentication string for the HSRP. For syntax information, select Cisco IOS IP and IP Routing Command Reference for Release 12.1 > IP Addressing and Services> IP Services Commands.

standby ip

Configures or activates the HSRP. For syntax information, select Cisco IOS IP and IP Routing Command Reference for Release 12.1 > IP Addressing and Services> IP Services Commands.

standby preempt

Configures HSRP priority, preemption, and preemption delay. For syntax information, select Cisco IOS IP and IP Routing Command Reference for Release 12.1 > IP Addressing and Services> IP Services Commands.

standby priority

Configures HSRP priority, preemption, and preemption delay. For syntax information, select Cisco IOS IP and IP Routing Command Reference for Release 12.1 > IP Addressing and Services> IP Services Commands.

standby timers

Configures the time between hellos and the time before other routers declare the active Hot Standby or standby router to be down. For syntax information, select Cisco IOS IP and IP Routing Command Reference for Release 12.1 > IP Addressing and Services> IP Services Commands.

standby track

Configures an interface so that the Hot Standby priority changes based on the availability of other interfaces. For syntax information, select Cisco IOS IP and IP Routing Command Reference for Release 12.1 > IP Addressing and Services> IP Services Commands.


storm-control

Use the storm-control interface configuration command to enable broadcast, multicast, or unicast storm control on an interface with the specified threshold level. Use the no form of this command to disable broadcast, multicast, or unicast storm control on an interface.

storm-control {broadcast | multicast | unicast} level level [.level]

no storm-control {broadcast |